Enterprising Developments

Overlooking Data Security

Joe McKendrick
Insurance Experts' Forum, May 13, 2011

In a new article, Richard Levick, Esq., a crisis and public affairs communications specialist, wonders out loud if the data security debacle suffered by Sony Online Entertainment services could have been managed more effectively. 

Sony's crisis of confidence may reflect issues that are pervasive throughout many corporate cultures. Levick cites 2010 Carnegie Mellon University survey of corporate directors and executives that reveals “a stunning disconnect between consumers who are increasingly concerned about data breaches and the boards that are ultimately responsible for preventing them.” 

The survey found none of the boards in the survey places data security among its top three priorities. Only 6% reported that their boards had an IT or data security committee.

This disconnect between management and in-the-trenches IT requirements is a challenge even the best technologies can't fix. There are very effective security features available in today's database products, along with data encryption and de-identification solutions. Security technology is great, but there is a lack of management will to underwrite security efforts.

Often, data breaches are unavoidable, but a well-prepared and well-trained corporate culture can be an effective line of defense. Levick cites the example of the data breach at Heartland Payment Systems, in which the company's management moved quickly to notify customers in an “unprecedented communications effort that not only protected consumer relationships, but also made each subsequent step in the recovery process all the more credible. As a result, crisis was transformed into an opportunity as Heartland worked with competitors and drove industry-wide reforms that secured its leadership position in the ongoing battle against cybercrime.”

 

Joe McKendrick is an author, consultant, blogger and frequent INN contributor specializing in information technology. 

Readers are encouraged to respond to Joe using the “Add Your Comments” box below. He can also be reached at joe@mckendrickresearch.com.

This blog was exclusively written for Insurance Networking News. It may not be reposted or reused without permission from Insurance Networking News.

The opinions of bloggers on www.insurancenetworking.com do not necessarily reflect those of Insurance Networking News.

Comments (0)

Be the first to comment on this post using the section below.

Add Your Comments...

Already Registered?

If you have already registered to Insurance Networking News, please use the form below to login. When completed you will immeditely be directed to post a comment.

Forgot your password?

Not Registered?

You must be registered to post a comment. Click here to register.

Blog Archive

The Other Auto Insurance Telematics Shoe Drops

Progressive's decision to charge Snapshot drivers more if their driving data indicates higher risk has started the industry down a road of data-driven adverse selection.

Core Transformation – Configuring in the Rain

The whole point of core transformation is that changes at the micro level can be used as a stimulus for changes at the macro level.

6 Ways to Develop a Productive IT-Business Dialog

Relationship management 101 for keeping IT and business on the same page.

Unified Digital Strategy: Succeeding in the Digital Revolution

A unified digital strategy recognizes that all business strategies and technologies touch the customer in some way and that a one-size-fits-all channel model is obsolete.

Agile and Continuous Delivery in a Regulated Environment

Just because a development team is doing continuous delivery or packaging releases into two-week sprints doesn’t mean that code is being moved to production.

Dealing with the COBOL Brain Drain

Documentation on aging systems often is akin to tribal knowledge, and the potential for things to go bump in the night increases as these environments face generational transition.