“If you lock data up like Fort Knox people can’t use it,” he says. “It’s like locking your car up in the garage so you can’t get into an accident, but then what’s the point of having a car? You want your people to have access to data.”
McCartney adds that in addition to malicious threats from hackers, CIOS also have to deal with accidental breaches that, for example, can occur when a well-meaning employee loses a thumb drive full of data.
Meanwhile, as CIO he’s also charged with policing thousands of mobile devices and a total of about 70,000 email accounts that are constantly under assault from phishing attempts.
Ed Brandman, CIO of the private equity firm KKR & Co., says his company focuses on advising its portfolio companies, which range from payments processor First Data Corp. to retailer Academy Sports, on the best practices for protecting data.
He says a major task CIOs face is balancing data security spending with the perceived potential for an attack, noting that CIOs also have to decide how much to spend on other technology related investments such as computer upgrades and mobile devices.
“And no matter how much you’re spending, you never have 100 percent confidence that you’re safe,” Brandman says. “It’s an always evolving state.”
Mark Popolano, CIO of ProSight Specialty Insurance, agrees. His company’s commercial insurance business is all about weighing risks against costs.
“If you want to spend an infinite amount of money on security you can,” he says. “But the government does and they’re not 100 percent foolproof.”
It’s for that reason that Grady says New England BioLabs paid particular attention to how Target and Neiman Marcus, which also recently reported a data breach, handled their situations in terms of costs and transparency.
He says the fact that the breaches happened to those two companies shows that they can happen to anyone.
The important thing is to know how to respond if the worst does occur.
“What we don’t want is to be unprepared and not have a plan, heaven forbid we have such an issue,” Grady says.<< previous 1 2 3 4