APLawrence.com -  Resources for Unix and Linux Systems, Bloggers and the self-employed

Security and Trust


© February 2007 Michael Desrosiers

2007/02/04 Michael Desrosiers

This month's topic is about how information security plays a part in a corporation's or businesses trust and reputation, and how to consider the risk that are associated with it.

Last month's data breach disclosure from retail giant TJX Companies, will have a far reaching impact on their branding for years to come. We still refer to the BJ's Warehouse data breach from 2 years ago and last year's ChoicePoint incident. One of the major lessons that must be learned from these breaches is the impact of security and privacy on brand reputation and customer loyalty. To back up the assumption that security can be a competitive advantage or detractor for a business, one should read the following study called "Secure the Trust of Your Brand". The CMOC (Chief Marketing Officer Council) study can be found at:

https://www.cmocouncil.org/SUBSECTIONS/programs_secure.html

One of their key findings was that 76% of marketers surveyed agree that security breaches negatively impact a brand and 60% believe strong security can be a very competitive advantage for an organization. But the findings also point out that 60% of the marketers surveyed reported that security has not become a more significant selling point in marketing communications. I have seen this type of contradiction for PCI compliance adoption also. It has been reported that only 25% of level one merchants are compliant, although that number was expected to reach 75% by the end of 2006. One can argue that these are two separate subjects with different challenges and should not be compared. However, I just wanted to bring these up as food for thought as the role of the CSO (Chief Security Officer) evolves. They are in charge of physical as well as information security covering the entire organization, which makes this even more challenging.

And while a 2006 global security survey shows that security spending may be as high as 17% of the average IT (Information Technology) budget, in reality, most CSO's still have budget constraints. The trick will be to convince all executives and their board members, that security can help them generate more revenue and at the same time, avoid huge breach cleanup costs and fines. It truly amazes me that even after so many well publicized security breaches (see BJ's and ChoicePoint), many companies still consider security an expensive budget item that is a luxury and not a necessity. It may be due to the misconception that all security professionals face in proving the business value in protecting your electronic assets.

Thankfully, we now have more data available, such as the above mentioned security and brand trust study. We need to use this information to develop cohesive relationships with marketing and all other business line executives. The CFO (Chief Financial Officer) should be made aware that with good security measures, you could even get a discounted rate on your E&O (Errors and Omission) or other cyber insurance. The CEO (Chief Executive Officer) and board of director's should take the trust and reputation risks to heart. Once their perspective is changed, then security will become a significant and core value for their companies.

To respond to this or previous newsletters or to inquire about an on-site presentation, please feel free to call us at 508-995-4933 or email us at mdesrosiers@m3ipinc.com.

Regards,

Michael Desrosiers
Founder & Principal Consultant
m3ip, Inc.
We Manage Risk, So You Can Manage Your Business
(O)508-995-4933
(C)774-644-0599
mdesrosiers@m3ipinc.com
https://www.m3ipinc.com


Got something to add? Send me email.





(OLDER)    <- More Stuff -> (NEWER)    (NEWEST)   

Printer Friendly Version

->
-> Security and Trust


Inexpensive and informative Apple related e-books:

Take control of Apple TV, Second Edition

iOS 8: A Take Control Crash Course

Take Control of High Sierra

Are Your Bits Flipped?

Photos for Mac: A Take Control Crash Course




More Articles by © Michael Desrosiers




Printer Friendly Version

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us


Printer Friendly Version





C++ is a badly designed and ugly language. It would be a shame to use it in Emacs. (Richard Stallman)




Linux posts

Troubleshooting posts


This post tagged:

MDesrosiers

Security



Unix/Linux Consultants

Skills Tests

Unix/Linux Book Reviews

My Unix/Linux Troubleshooting Book

This site runs on Linode