Solid Risk-based Approach towards Information Security is Critical

Robert Lewis, SVP & CIO, Assurant, Inc

Robert Lewis, SVP & CIO, Assurant, IncRobert Lewis, SVP & CIO, Assurant, Inc

Solid and Risk-based Approach towards Information Security is Critical

People have increasingly become dependent on connected devices to manage their lives. A perfect example would be telematics which is commonly used in vehicles.  As technology is getting embedded into day-to-day life, the impact from disruptions would grow along with the demand to become quickly and easily reconnected. Assurant is responding to this trend by creating solutions that keep products, connected to each other, customers connected to their products and clients connected to their customers.

Technology in Abundance

Presently, we are witnessing an abundance of technology. I struggle less with finding technology than the day-to-day account management provided by vendors. Moreover, we also discovered that majority of vendors have difficulty articulating a clear strategy and managing an account from an enterprise perspective.

Most large vendors can be driven by quarterly earnings and lack strong customer focus. With respect to this, many technology vendors have been in acquisition mode and three things frequently happen. First of all, good employees would leave, secondly, innovation ceases to be a priority. Finally, prices increase to cover the acquisition costs and overhead.

Vanishing Traditional Boundaries

There are numerous challenges encountered by CIOs. Among those, the alignment with stakeholders and compressed product delivery cycles are to be highlighted. Traditional boundaries are increasingly getting blurred as more parties get involved in delivering business solutions to the end customer, thereby making alignment with all stakeholders highly critical. Quite often, the result is a solution for the customer that is simpler and easier to use. However, the underlying architecture could be more complex.  This requires CIOs to serve as technology providers and brokers for other services. In addition, speed to market is becoming crucial. Considering employees and customers, few have the patience to wait for a solution. As a company, Assurant continues to rapidly pick up the pace and adapt faster to changing market conditions. This might seem counter intuitive for a company in the insurance industry, which has long been seen as risk averse, methodical and slow in making changes. However, buying and selling insurance in these times is radically different than five years ago and it continues to evolve at a rapid pace.

Innovation in Technology

Innovation is critical in the industry. To drive innovation, Assurant encourages flexible, adaptive leadership that allows employees the increased freedom to adapt quickly, align resources to solve problems and exploit opportunities to keep up with relevant trends; and, actively seek other points of view.

From a tactical standpoint, we have implemented an architecture team that is given encouragement to work with vendors and suppliers on new ideas. Additionally, the team visits companies outside our industry to understand how they leverage technology for competitive advantage, and that is tasked to figure out "what's next."

Challenges Encountered

Among others, Cybersecurity, Device Diversity and Management and Integration across Platforms are significant challenges affecting today’s CIOs.

Cybersecurity: As the recent Shellshock vulnerability and JPMorgan breach have highlighted, it is critical to have a solid risk-based approach towards information security. Importantly, cybersecurity is not just an issue for IT, it is an issue that all employees need to be aware of and take ownership of.

Device diversity and management: Considering the huge number of devices utilized by our customers to access technology offerings, it is critical to ensure functioning of applications across devices, which is often challenging. In addition, the distinctions between smartphones, consumer electronics and other connected devices such as appliances are becoming blurred.  Therefore, we've adapted our products and services to account for this breakdown of traditional silos, as well as to meet the needs of the clients and consumers we serve.

Integration across platforms: It is important to be able to integrate and leverage data from legacy systems, running on proprietary software.

Weekly Brief

Read Also

Building a Comprehensive Industrial Cyber Security Program

Building a Comprehensive Industrial Cyber Security Program

Mohamad Mahjoub, CISO, Veolia Middle East
Bolstering Cybersecurity

Bolstering Cybersecurity

Amr Taman, Chief Information Security Officer, Al Ahli Bank of Kuwait
Building Untrusted Networks to Improve Security

Building Untrusted Networks to Improve Security

Earl Duby, Vice President and CISO, Lear
Security challenges that companies face when implementing telehealth and the solutions and best practices for managing the risks

Security challenges that companies face when implementing...

Stefan Richards, Chief Information Security Officer, CorVel Corporation
Building Cyber Resilience during Covid-19

Building Cyber Resilience during Covid-19

Aleksandar Radosavljevic, Global Chief Information Security Officer, STADA
IAM may help secure data, but it needs to be protected as well

IAM may help secure data, but it needs to be protected as well

Marc Ashworth, Chief Information Security Office, First Bank