Q&A with Alan Edwards, Integralis

Integralis recently released the results of a survey into online data protection and trust. What was the key takeaway figure from that research? (http://integralis.com/en/about-integralis/integralis-in-the-news/nid-00241/one-in-four-customers-admit-they-do-not-trust-companies-to-secure-their-personal-information-online/)
If you look at organisations today, many will have implemented a security strategy based on perimeter defence. The principal is simple, build a wall high enough to keep the bad guys out, and control the resources (people, processes and technology) that operate inside the firewall (perimeter).

However, many businesses have consumers who are connected to them in order to do business, which calls into question the original idea of the ‘perimeter’ or at least raises the question of where the perimeter now is. If I’m connected to my bank I am part of their network, and unknowingly have as much potential to introduce risks onto the bank network as one of their employees. My interaction with the bank could, inadvertently, create a problem for the bank in the same way that an employee could.

Maybe it’s time for organisations to consider the fact that the perimeter has gone and to treat customers who connect to them in the same way as they treat their staff, in terms of education  and making them  aware of the risks.

Banks seemed to do well in terms of trust online, with 63% of respondents trusting their bank with online transactions. Why do you think that is?
Despite what has happened recently, banks have historically been trusted and, in an online sense, banks do better at educating their customers. In my experience banks lead the way in communicating with customers in terms of which attacks they may be vulnerable to. They are also good at educating customers in what they can do to protect themselves, which in turn helps protect the bank from risks borne by online users.

Banks have also been proactive in terms of security measures like two factor authentication. That seems to be a conscious decision from the banks, who see their customers are part of their network and are therefore extending this level of authentication to them too.

Social networks came out bottom in terms of trust online – but that lack of trust doesn’t seem to stop people from using them.
Social networks top the overall usage charts, but rank bottom in terms of trust. It seems that in the online world people behave totally differently, and convenience overweighs any risks.

Turning to the RANT conference – these stats should worry attendees, if the vast majority of people simply don’t trust online businesses with their data.
The message to attendees is about how you start to bring trust into your risk or information security strategy. If the focus is just on the perimeter and not on the access consumers have to the network, then it is likely that your data is at greater risk, and that your users don’t trust you as much as you perhaps would like.

What is the message Integralis wants to deliver to the event?
The title of the discussion we’re running is ‘In banks we trust and in trust we bank’. Our message to CISOs is to start considering your customers as part of your network, and educate them and provide the tools to protect themselves just as you would with staff. In this way not only will your business be more secure, but your customers may even start to invest their trust – which must be worthwhile.

 

 

Our accreditations & Partners

  • REC Member
  • VTC - Virtual Technology Cluster
  • Bloom Nepro
  • YPO
  • Crown Commerical Service
  • Disability Confident
  • ISO 9001
  • Armed Force Covenant
  • Cyber Essentials Plus
  • ISO 27001

Thanks

Success

Thanks

Success

Thank you for signing up to the acumin alerts.

Send CV

Send us your CV and have our recruiters match you to the ideal opportunities

Do you already have an account with us?

Log in

Want to have an account with us?

Register

Want to just send us your CV?

Upload only doc, docx, odt, pdf format file.

By submitting your registration and CV to us you are agreeing to join our database and to be contacted about relevant jobs industry communications. Please read our terms of business for more information.

Password reset

If you need a reminder for your password, fill out the field below

Log in

Access your account to edit your contact details, job alerts or to upload a new CV

Thank you

Success

Thank you for successfully uploading your CV.

Acumin Alerts

Success

Thanks for registering for Acumin alerts.

Acumin Alerts

Unfortunately your CV could not be uploaded

Please make sure your CV is one of the following file types: doc, docx, odt, pdf, rtf

Acumin Spam

Unfortunately your submission has been declared spam. Please try again.

Vacancy

Success

Thank you for submitting your vacancy.

Register

Create an account to register your contact details, sign up for job alerts and upload your CV

Success

Thanks for registering for Acumin alerts. To get the most out of Acumin's service why not register with us?

Upload only doc, docx, odt, pdf format file.
- Practitioner
- Commercial

I agree to the terms and conditions and to be contacted by recruiters:

I agree to receive marketing communications relevant to my job search:

I agree to receive Jobs By Email for the following professions:
- Business Continuity Management
- Counter Fraud
- Cyber Security
- Executive Management
- Governance & Compliance
- Information Security & Risk Management
- Penetration Testing & Digital Forensics
- Sales and Marketing
- Sales Engineering
- Security Management
- Technical Security
- Information/Risk Assurance
- Identity Management
- Application Security
- Security Architecture
- Dev/Sec Ops
- DV & SC Cleared Jobs
- Programme & Project Management
- CISO/CSO

Submit a Vacancy

Use the form below to submit a vacancy