Sadly, that front-page story about your data breach is just the beginning

IDC Canada data suggests there are still a lot of organizations under-investing in mobile security. Think through the long-term repercussions


IT security reputational damage Canada

It’s hard to imagine anyone starting a new print newspaper today, but the image on Sanjay Khanna’s slide deck still resonates: It’s a cartoon-like picture of a man brandishing the front page of a broadsheet called THE DAILY BREACH.

The senior analyst for mobile phones at IDC Canada was among a group of speakers at a Toronto Region Board of Trade luncheon last week, where he was talking about the increased need for security on devices. His point with The Daily Breach was obvious before he even went on to explain it: No one  wants their organization to wind up as a headline in a story about a failure to adequately protect sensitive information.

In fact, according to an IDC Canada research study on this issue, Khanna said only 59 percent of the 120 CIOs surveyed said they have deployed mobile security solutions.

“That’s like saying 40 percent of Torontonians will put locks on their doors. That’s what this situation amounts to,” he said.

He’s right, but I think part of the problem comes down to the fact that people still imagine coverage in The Daily Breach is the worst-case scenario they face. Reputational damage is a real thing, and people do get fired for IT security fiascos (see Exhibit A: former Sony exec Amy Pascal) but the fallout can go much further than that.

People will get over the immediate scandal, but the loss of trust can linger on and cause issues elsewhere. As more organizations create mobile apps to engage with their customers and partners, they will be counting on people to actually install and regularly use them. That won’t happen if people worry the app will open a back door to hackers, or render their smartphone or tablet inoperable.

On a broader scale, mobile technology allows people who once would have required everything to happen at their headquarters to perform key activities outside the office. In that sense, smartphones and tablets become an extension of a company’s physical environment. You would never get a customer to walk through your door if they were worried that thieves were lying in wait on the other side. If mobile device and network security isn’t taken more seriously by enterprises and SMBs, customers may be reluctant to welcome you into their offices, too.

Perhaps most critically, success as a business depends largely upon having the right information at the right time. For all the talk about big data, many firms need to gather more data than they ever have before, but that requires trust on the part of those handing it over. There are now retailers where I no longer give away my e-mail address at the checkout, and I use cash instead of credit or debit. They still get my money, but they lose out on data that could be used to nurture their relationship with me. That’s the incalculable cost of IT security problems.

As with many controversies, what gets published on the front page of the mythical Daily Breach are big news one day and forgotten the next. If they want to prioritize their security budget dollars and avoid the worst mishaps, IT departments need to spend more time thinking of the often deeper, far more interesting stories that happen behind all the headlines.

Comments are closed.