He's back! My favorite whipping boy, Richard "Dick" Baich is back with some commentary on the elite SWAT-team that is the ChoicePoint information security organization. Check out some of the choice commentary from everybody's favorite CISO:
(on why it's not a security breach) "It's no different than credit card theft and credit card fraud. Those are never referenced as IT-related issues though they happen millions of times every year..."
Have I said recently how much I love this guy? I mean, credit card theft is not an IT issue? Where has this guy been?
(on whether their security is improved) "We are looking at our entire credentialing process, the entire business process and how it's being done." [So, does "looking at" mean that they've done anything or just that there's people sitting around talking about it?]
"We are looking at putting additional technologies in place and the way we do business with others." [Jeepers, all this looking, but where's the doing?] "We actually went down to an even better level by looking at the type of data they need."" [he had me going there - I thought at first he was going to say they took action, but I guess there's just more looking.]
And the wisdom continues for a few more questions; typical Baich fodder for the most part. But you know what the punch line is? His book, "Winning as a CISO" was just released where he outlines his model for success in information security. Oh, I'm quite serious. Needless to say, that's on my summer reading list. Not.
Don't worry Rich; I'm sure myself and others like me will be there to remind folks about the salient facts. Like the fact that your company's spokeswoman said last week that promised data security improvements are overdue and not likely to see realization in the near future or that to-date the only action taken by ChoicePoint to increase data security was the one item specifically required by federal law (the public records report.) Some people are watching.
Posted by Ed at June 27, 2005 11:06 AM