Gordon Ross: CIPS' Value; Business Risks with Security Threats "business can be held responsible for losses"
This is the next interview in the continuing series of Computing Canada’s (CC)Blogged Down (BD) which is featured here "first" in the Canadian IT Managers (CIM) forum.
We began this blog series on September 15th, 2006. I continue my talk with Gordon Ross, Internet Filtering Pioneer, Biometrics / Security / Telecommunications / Ethics / Privacy Expert, Founder of Net Nanny; President of Virtual Perceptions Systems Inc.
Today I discuss with Gordon: his involvement with CIPS and business risks of security threats.
Stephen: Gordon, you bring a lifetime of notable achievements and considerable contributions to our discussion. We thank you for doing this interview with us and sharing your deep insights with our audience.
Gordon: Thank you Stephen. I have been very fortunate to be surrounded by creative and progressive people most of my life. I have always enjoyed the challenges the technological world presents to us. I truly believe technology can drastically improve our quality of life; however, we must control it and not let it control us.
Stephen: Can you share your involvement with the Canadian Information Processing Society (CIPS: Canada’s Association of IT Professionals), and why you stay active with CIPS?
Gordon: I first attended a CIPS meeting in Vancouver back in 1990 where I presented a biometric solution for securing access to computer systems. It was at the invitation of other members I knew who were residents of the local chapter. After my presentation I signed up with the group and have attended their meetings as often as I could. I stay active with the group because it is an excellent resource for sharing information and networking with others involved within the security area. They also offer great social events after their meetings.
Stephen: Speaking as a noted security expert, what are the business risks associated with ID theft, fraud, and the exposure of digital assets? How can these risks be mitigated?
Gordon: There are many business risks associated with ID theft. Businesses have to be aware of the various legislative issues regarding their responsibility in protecting our information. With the appropriate stolen ID, one is able to access information that is strictly private and confidential. A stolen ID is able to be used in a number of various inappropriate or unauthorized ways.
From a business standpoint, the business can be held responsible for losses that occur by accepting ID that is actually fraudulent, but unfortunately to the business, it checks out to be real. Most merchants are held liable for the fraudulent transactions. Insurance costs can increase for the small business to a point where they may not be able to afford certain coverage. Credit ratings can be destroyed. Intellectual Property and trade secrets can be stolen (these are just a few examples).
Well-defined policies and procedures have to be in place. Any personal data that a business maintains on a client should be encrypted. There have been a number of highly publicized incidents where systems have been breached. In one case the company was fined millions of dollars for not having properly secured their data, let alone the millions it cost for notifying its customers. It is very important for businesses to also educate their employees on these security risks.
Stephen: How do you see these areas evolving in the future?
Gordon: I believe in the future we will always have these security issues; however, technology is being developed to minimize the risk. Biometrics and other multi-factor authentication systems will be used. More control has to be put into the individual’s hands. We have come to a point where the overall bureaucratic system cannot look after the individual’s needs in this area. Technology has to be made simple, yet effective, for the average individual to use, and more importantly, accept.
________________________
In the next blog, Gordon will discuss privacy challenges for business, and biometric security.
I also encourage you to share your thoughts here on these interviews or send me an e-mail at sibaraki@cips.ca.
________________________
Computing Canada (CC) is the oldest, largest, most influential bi-weekly business / technology print publication with an audience that includes 42,000 IT decision makers in medium-to-large enterprises. For more than 30 years, Computing Canada continues to serve the needs of Canada’s information technology management community—you can request your free subscription at: https://www.cornerstonewebmedia.com/plesman/main/Subscription.asp?magazine=CCA.
For the latest online business technology news go to: www.itbusiness.ca
________________________
Thank you,
Stephen Ibaraki, FCIPS, I.S.P.