Taking the risk out of e-commerce.Rick Davis
At the relatively young age of 30, Rick Davis has just had reconstructive re·con·struc·tive adj. 1. Relating to or characterized by reconstruction. 2. Serving to rebuild, restore, or correct the appearance and function of defective, damaged, or misshaped body structures or parts: knee surgery and expects to have no less than three similar operations in the coming years, including both ankles and the other knee. Yet Davis could be considered healthy and in great shape. So why the surgeries? "I don't want to be 40 years old with aches, pains and nagging injuries slowing me down," says the former Stanford University Stanford University, at Stanford, Calif.; coeducational; chartered 1885, opened 1891 as Leland Stanford Junior Univ. (still the legal name). The original campus was designed by Frederick Law Olmsted. David Starr Jordan was its first president. football player. Such preemptive pre·emp·tive or pre-emp·tive adj. 1. Of, relating to, or characteristic of preemption. 2. Having or granted by the right of preemption. 3. a. surgery could almost be considered a representation of his current profession--risk management. Davis is the co-founder and strategic marketing and corporate development officer of Insuretrust.com, an Atlanta-based e-business risk management firm that focuses on companies whose operations rely on internal and external computer networks. "We have created a new space that combines the best elements of information security, consulting, risk management and insurance," explains Davis. "By combining these disciplines into a unified e-business approach, we effectively address all the critical exposures that affect e-business, the Internet and networked computer environments." The very same electronic connections that allow us to conduct business and communicate with business partners can be compromised by hackers or unscrupulous employees. Insuretrust conducts full-scale analyses that identify the areas of risk in your business and helps to protect them. Surprisingly, even with the myriad technologies and points of entry that comprise most corporate networks, Davis says the most common security risks are related to human error and miscommunication mis·com·mu·ni·ca·tion n. 1. Lack of clear or adequate communication. 2. An unclear or inadequate communication. . However, the risk of a security breach could be reduced if upper management paid careful attention to security issues. Here are the top three problems Insuretrust routinely addresses: * Lack of a companywide security policy. Many companies don't tell users how to protect their information and how to use networked resources accordingly. This is an accident waiting to happen. * Lack of executive sponsorship of security initiatives. Senior executives need to be an integral part of the security solution, which should also be a line item in the budget. * Lack of integration between business decisions and IT decisions. In the e-business environment it is imperative that decisions are made based on both business and IT considerations. For example, if the marketing department wants to create a shared network with its business partner, it is essential to have an IT perspective to make sure all security and infrastructure considerations are addressed from the beginning. Although internal breaches of security are still the most common type, there has been a dramatic rise in the number of successful "attacks" from the outside. Earlier this year Information Security magazine conducted a survey of over 700 companies that revealed a 91.6% increase in the number of companies suffering unauthorized access (hacking/cracking) intrusion between 1998 and 1999. "Companies conducting e-commerce suffer more frequent attacks than those that don't," says Andy Briney, editor in chief of Information Security. Fewer than 100 of the companies that suffered these invasions attributed a dollar amount to the attack--yet the total exceeded $23 million. "Traditional insurance companies insure Insure can mean:
Omaha is the largest city in the State of Nebraska, United States. It is the county seat of Douglas County.GR6 As of the 2000 census, the city had a population of 390,007. , native was employed as a computer security and systems integration consultant. "One of my customers asked me who was responsible if the security safeguards I'd installed failed to stop an attack. I told him he was," recalls Davis. At the customer's request Davis contacted the family firm to find out if there was an insurance policy that could cover this type of loss. The answer was no. By early 1997 Davis launched the Information Risk Management unit of the Davis Insurance Agency to capitalize on Cap´i`tal`ize on` v. t. 1. To turn (an opportunity) to one's advantage; to take advantage of (a situation); to profit from; as, to capitalize on an opponent's mistakes s>. the opportunity. "Rick realized the opportunity a couple of years ago and the rest of the industry is only just catching on," says Kevin Field Kevin Field is an English conductor, currently resident in Kuala Lumpur where he is the Associate Conductor of the MPO. Born in Berkshire, Field's first experience as a musician was as a percussionist. For much of the 1990s he played in the Bournemouth Symphony Orchestra. , a technology risk specialist with London-based Willis, a worldwide risk management firm. However, there was at least one other person in the country who was as far ahead of the crowd as Davis--Steve Haase. Haase, a 20-year insurance industry veteran, actually beat Davis to the punch by selling the first e-business security policy in 1997. "As soon as I heard about that policy I gave Steve a call," says Davis, who contacted Atlanta-based Network Risk Management Services to discuss a possible partnership combining Davis' technical, Internet and underwriting Underwriting 1. The process by which investment bankers raise investment capital from investors on behalf of corporations and governments that are issuing securities (both equity and debt). 2. The process of issuing insurance policies. experience with Haase's insurance policy expertise. "We were developing a new area and didn't have anyone from the technology field working with us," recalls Haase. "Rick calls me up out of nowhere and understands the whole market and was able to fill in the void in our planning and strategy." In January of 1998 Davis moved to Atlanta Slang for a 404 error on the Web, which is a link to a missing page. The area code for Atlanta, Georgia is 404. See 404 error. and joined forces with Haase to form Insuretrust. "When we made presentations, Steve would handle the insurance issues and I took care of the technical aspects," says Davis. Even with their combined expertise, Haase and Davis found that while many companies were listening, few were ready and eager to purchase additional insurance. "This segment of the industry has taken off quite slowly in terms of actually selling the policies," says Field, who adds, "The Y2K problem Y2K problem or Y2K bug: see Year 2000 problem. (Year 2000 problem) The inability of older hardware and software to recognize the century change in a date. is still at the forefront of everyone's mind, but electronic security and e-business insurance are getting a lot of attention." Currently, however, there are fewer than 10 agencies that offer e-business insurance. The high-profile outages at sites like eBay and E-Trade have raised awareness among companies that operate on the Internet. Some security experts believe both outages were the result of hackers, although only eBay has acknowledged its system was compromised. E-Trade recently lost a suit filed because of a power outage Noun 1. power outage - equipment failure resulting when the supply of power fails; "the ice storm caused a power outage" power failure equipment failure, breakdown - a cessation of normal operation; "there was a power breakdown" that lasted several hours, during which trades couldn't be made. "Had the E-Trade incident been caused by a breach of security or a hacker A person who writes programs in assembly language or in system-level languages, such as C. The term often refers to any programmer, but its true meaning is someone with a strong technical background who is "hacking away" at the bits and bytes. , our policy would've covered it," explains Davis, whose company offers first- and third-party insurance coverage. First-party covers damages or losses incurred by the policyholder Policyholder An individual who owns an insurance policy. , while third-party protects against suits initiated by someone who suffered a loss as a result of the policyholder's actions. Even in a mundane (jargon) mundane - Someone outside some group that is implicit from the context, such as the computer industry or science fiction fandom. The implication is that those in the group are special and those outside are just ordinary. field like insurance, the Internet is changing all of the rules. "The velocity and scope of disasters that occur in cyberspace Coined by William Gibson in his 1984 novel "Neuromancer," it is a futuristic computer network that people use by plugging their minds into it! The term now refers to the Internet or to the online or digital world in general. See Internet and virtual reality. Contrast with meatspace. have no real boundaries," states Davis, regarding the need for e-business risk management. "It's relatively easy to contain a fire to a specific location, but it's almost impossible to contain a virus in cyberspace." |
|
||||||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion