How IT Departments Can Help Rather Than Hinder Security

The chairman and CEO of insurance holding company The Chubb Corp. is taking a strong stance on changing the way corporations devise and implement IT security and business continuity plans, an issue that has moved to the forefront since Sept. 11.

In a speech last week to IT executives and corporate risk managers at the Bureau of National Affairs’ (BNA) cybersecurity summit, Chubb’s Dean O’Hare said IT security planning must not be confined to information technology departments. He advocates that it rise to the corporate governance level, involving oversight by top executives and boards of directors.

“It is increasingly clear that we cannot manage these risks within any one silo. Cybersecurity must be an integral part of a company’s overall security planning,” O’Hare said in his speech to the BNA, portions of which were released by Chubb. “Information technology experts cannot do this alone. They must work with security, human resources, risk management, general counsel and line management across the entire enterprise to develop policies and procedures to minimize risks.”

O’Hare’s words should be welcome words to corporate IT executives, many of whom have sought for years to attract that level of attention and input — not to mention funding — from CEOs and directors for their IT security and business continuity plans.

Many Companies Still Taking Security Shortcuts

Although Sept. 11 has brought a renewed focus on devising robust security plans, many companies reportedly are still lagging on that front. A recent report by Gartner Inc. found that many companies remain focused on inexpensive tactics such as updating and testing their business-continuity plans, rather than making major changes, such as moving data centers or offices to more secure locations.

O’Hare also said in his remarks that there must be across-the-board cooperation between IT and other in-house departments, as well as cooperation among companies, industries and the public and private sectors when it comes to building security strategies.

O’Hare cited what he believes to be good examples of large-scale cooperative efforts aimed at boosting cybersecurity at the industry level. They include the National Association of Manufacturers’ Homeland Security Committee, which recently formed to help member companies understand key operational and policy issues such as cybersecurity, and the Critical Infrastructure Protection Board, formed by President Bush’s chief cyber security adviser, Richard Clarke, to improve coordination between federal agencies and businesses.

Among his other points:

• Cooperation and trust between business and law enforcement is critical to thwarting e-security threats. He said a major problem is that too few companies report cyber crimes to the police or FBI, out of fear that negative publicity will hurt their business. O’Hare said: “When a company fails to reach out to law enforcement, it leaves itself more vulnerable to future crimes.”
• Corporate execs have a strong personal interest to ensure their cyber security plans are as strong as possible: a threat of personal liability lawsuits from shareholders or businesss partners due to an IT security failure.

The Bureau of National Affairs (BNA) publishes news, analysis, and reference materials covering legal and regulatory developments for corporate and government leaders.

RELATED NEWS AND ANALYSIS

• Huawei’s AI Update: Things Are Moving Faster Than We Think

  FEATURE |  By Rob Enderle,
  December 04, 2020

• Keeping Machine Learning Algorithms Honest in the ‘Ethics-First’ Era

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 18, 2020

• Key Trends in Chatbots and RPA

  FEATURE |  By Guest Author,
  November 10, 2020

• Top 10 AIOps Companies

  FEATURE |  By Samuel Greengard,
  November 05, 2020

• What is Text Analysis?

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  November 02, 2020

• How Intel’s Work With Autonomous Cars Could Redefine General Purpose AI

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 29, 2020

• Dell Technologies World: Weaving Together Human And Machine Interaction For AI And Robotics

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  October 23, 2020

• The Super Moderator, or How IBM Project Debater Could Save Social Media

  FEATURE |  By Rob Enderle,
  October 16, 2020

• Top 10 Chatbot Platforms

  FEATURE |  By Cynthia Harvey,
  October 07, 2020

• Finding a Career Path in AI

  ARTIFICIAL INTELLIGENCE |  By Guest Author,
  October 05, 2020

• CIOs Discuss the Promise of AI and Data Science

  FEATURE |  By Guest Author,
  September 25, 2020

• Microsoft Is Building An AI Product That Could Predict The Future

  FEATURE |  By Rob Enderle,
  September 25, 2020

• Top 10 Machine Learning Companies 2020

  FEATURE |  By Cynthia Harvey,
  September 22, 2020

• NVIDIA and ARM: Massively Changing The AI Landscape

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  September 18, 2020

• Continuous Intelligence: Expert Discussion [Video and Podcast]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 14, 2020

• Artificial Intelligence: Governance and Ethics [Video]

  ARTIFICIAL INTELLIGENCE |  By James Maguire,
  September 13, 2020

• IBM Watson At The US Open: Showcasing The Power Of A Mature Enterprise-Class AI

  FEATURE |  By Rob Enderle,
  September 11, 2020

• Artificial Intelligence: Perception vs. Reality

  FEATURE |  By James Maguire,
  September 09, 2020

• Anticipating The Coming Wave Of AI Enhanced PCs

  FEATURE |  By Rob Enderle,
  September 05, 2020

• The Critical Nature Of IBM’s NLP (Natural Language Processing) Effort

  ARTIFICIAL INTELLIGENCE |  By Rob Enderle,
  August 14, 2020