Chief Financial Officers Should Take Responsibility for All Data Security, Says Vormetric's Teruel
The CFO is Best Positioned of All Executives to Evaluate Assets and Enforce Controls, but Few Companies Recognize It
SANTA CLARA, CA - July 31, 2007 - Chief financial officers should bear ultimate responsibility for protecting the vital data and information residing within their organizations. No executive is better positioned than the CFO to take charge of this critical function, maintains Frank Teruel, chief financial officer of data security provider Thales eSecurity, Inc.
Teruel challenges the conventional thinking of many CFOs, senior management teams, and boards of directors in the initial posting to Data Security and Compliance, a new blog published by Thales eSecurity. Data pirates are getting more sophisticated all the time, but too many companies are lethargic in their defensive efforts and prefer to portray themselves as victims, he writes.
Most organizations have traditionally delegated responsibility for deciding what data needs protection to members of its IT staff. But according to Teruel the CFO is the one who is best able to qualify and quantify the inherent value of data, determine where in the enterprise that sensitive data lives, and calculate potential costs associated with breaches. The CFO is also best suited to take charge of strengthening the organization's internal control environment to ensure that all vital information remains secure.
"One of my colleagues is fond of saying that the responsibility for data security moved up from the server room to the board room after so many horrendous breaches and data thefts took place in 2006. It's painfully obvious to executives that having your company's intellectual property stolen or your customers' data copied by thieves can be ruinous to your brand," said Teruel, Thales eSecurity financial vice president and CFO.
"However, it's clear that not everybody in the board room or the executive suite yet knows what to do with their new data security responsibility. Nor, apparently, do all of the experts seem to get it. Just this past week, I saw a security survey from one of the leading analyst firms. It listed nine possible choices for primary responsibility for data security. The CFO was not mentioned. That's a glaring omission, in my opinion. It shows
a lack of understanding, both of how business works and of the inherent responsibility of CFOs to protect and preserve corporate assets."
About Thales eSecurity
Thales eSecurity is the leader in data security management and enforcement solutions. Vormetric Data Security provides a centrally managed, high performance, easy-toimplement, distributed solution that solves the pressing compliance, security and risk management challenges facing today’s enterprises and government agencies. Thales eSecurity application- and database-transparent solution outperforms other offerings to provide stronger and broader data security at a fraction of the management and implementation cost.
Thales eSecurity more than 230 customers represent the world’s most trusted brands in financial services, retail, manufacturing, healthcare, media, energy and telecom industries as well as highly security conscious government agencies.
Thales eSecurity technology has received strong market validation for its innovative approach to data security, including:
- Selection by IBM as the core database encryption solution for DB2 and Informix on LinuxTM, Unix® and Windows
- Computerworld Technology Innovation Award
- Selection by Symantec to provide the Symantec Veritas NetBackupTM Media Server Encryption Option
- Partnership with Oracle to secure the execution environment for Oracle® Database Vault
- Five patents issued and nine patents pending
Thales eSecurity is a trademark of Thales eSecurity, Inc. All other names mentioned are trademarks, registered trademarks or service marks of their respective owners.