Cyber Security, User Interface, and You - Deloitte CIO - WSJ
- 1. 9/16/16, 1:47 PMCyber Security, User Interface, and You - Deloitte CIO - WSJ Page 1 of 2http://deloitte.wsj.com/cio/2015/10/15/cyber-security-user-interface-and-you/ Subscribe Sign In U.S. EDITION Friday, September 16, 2016 As of 1:47 PM PDT Business-led, Technology-enabled: Insight written and compiled by Deloitte Search Deloitte Insights SEARCH Deloitte Insights Video The Human Side of the Internet of Things Organizations are focusing their internet of things (IoT) initiatives less on underlying sensors and more on finding ways to use the information these sensors generate. In this video, find out the “human impact” potential from IoT, and the implications for CIOs pursuing IoT. Make Better Decisions Courtesy of the Core Organizations are reinventing their core systems to keep pace with innovation and evolving business needs. In this Tech Trends 2016 video, learn how transforming these foundational systems can not only help companies meet business goals today, but also establish a base for improved decision-making and future growth. Is Pokémon Go Augmented Reality’s Killer App? CIOs can learn a lot from the runaway success of “Pokémon Go,” the new mobile game that generated $35 million in revenue in the first two weeks following its release. But the most pressing lesson in the immediate aftermath of the app’s success may be to prioritize augmented reality development efforts to capitalize on consumers’ growing acceptance of the technology. Related Deloitte Insights A Cyber Risk Imperative: All Hands on Deck Andy Ozment, Ph.D., has dedicated his career to bolstering cybersecurity in the private and public sectors, most recently in his current role as assistant secretary for the Office of Cybersecurity and Communications at the Department of Homeland Security. As his tenure with DHS winds down, Ozment shares his perspectives on cyber risks, cybersecurity, and cyberdefenses. Hint: technology is low on his list. Security, Privacy in Consumer Products Sector Consumer products companies collect massive amounts of highly detailed information about individual consumers that cybercriminals would love to get their hands on. CIOs who make a priority of protecting this information may help their companies gain an advantage in an industry that has only just begun to address cyber risk. Can CIOs Use Risk to Power Performance? While risk management has long been part of CIOs’ job descriptions, risk-taking has been harder for them to stomach. A volatile business environment is now forcing CIOs to address an expanding array of technology-related risks. Owen Tweet Cyber Security, User Interface, and You Safeguarding company and customer information used to be solely the concern of those of us in the profession—but no longer. Digital is poised to pervade every facet of life not only because it makes living easier, but also because it’s fun— by design. Likewise, to do security right, we’ve got to ask not just whether it works, but if it’s user-friendly: simple to navigate, reliable, and pleasurable to use. To get there, we might ask what we can learn from other professions. We might put on not only our thinking caps, but also, at various times, an artist’s beret, Sherlock Holmes’ deerstalker, a brigadier general’s helmet, a blackjack dealer’s visor. We might need a psychologist’s couch, a teacher’s yardstick, and a coach’s whistle, as well. And that’s only the beginning. A few examples: Meteorologists track weather systems and consider past events to forecast where those systems will go, how they’ll behave, and what risks they pose. Other industries, including retail stores and Wall Street, use trend-tracking maps and no wonder: Maps provide an organized, big-picture view and are easy to understand. Should we in information security do the same, using data-generated maps to assess where the next systems attack might come from, who might be targeted, and the nature of the breach? This would give the user a useful, big-picture look at security threats—past, present, and future. The pharmaceutical industry uses RFID chips to track drug shipments, and law enforcement places them in certain medication bottles to capture thieves, giving customers an added measure of confidence and safety. What if our systems tagged data in a similar fashion, tracking it wherever it goes and allowing users to retrieve theirs—to snatch it back from hackers or even recall files sent in error? Not only would users know precisely where their information was going and who was viewing it—invaluable to law enforcement—but they’d have the power to erase it instantly, hopefully before it reaches the “darknet,” the Internet’s black market. Credit card companies in Europe offer “smart cards” with debit, credit, and phone card features. If lost or stolen, these cards self-destruct after a number of failed attempts to access their data. Could we program our data to self-destruct when someone tries to view it on an unauthorized device? Like the best security measures, this feature would protect a user’s information automatically, with no effort on their part. The entertainment industry has already figured out how to transform the security experience. One group of popular theme parks has eschewed the cumbersome password in favor of colorful bracelets that identify their wearers with a swipe of the wrist, unlock hotel rooms, simplify purchases, and make efficient and effective security more enjoyable to use. Most people don’t want to think about breaches, identity theft, or hackers. As UC San Diego physician-scientist Ajit Varki argues in his 2013 book Denial, avoiding the negative is a natural human tendency. The risks we encounter every time we log on are very real, but our users don’t want to be reminded of that. Taking a cue from other professions, can we consider our customers’ convenience and even their delight while keeping their information safe? How can we sugarcoat the security pill to sweeten the user experience? CONTENT FROM OUR SPONSOR Please note: The Wall Street Journal News Department was not involved in the creation of the content below. Home World U.S. Politics Economy Business Tech Markets Opinion Arts Life Real Estate CIO Report Consumerization Big Data Cloud Talent & Management Security ShareShare 112 PREVIOUSLY IN DELOITTE INSIGHTS NEXT IN DELOITTE INSIGHTS News, Quotes, Companies, Videos SEARCH
- 2. 9/16/16, 1:47 PMCyber Security, User Interface, and You - Deloitte CIO - WSJ Page 2 of 2http://deloitte.wsj.com/cio/2015/10/15/cyber-security-user-interface-and-you/ About Deloitte Insights Ryan, CEO of Deloitte Advisory, discusses the economic virtues of taking calculated risks and explains how taking chances on certain technologies can help power performance. Deloitte Insights for CIOs couples broad business insights with deep technical knowledge to help executives drive business and technology strategy, support business transformation, and enhance growth and productivity. Through fact-based research, technology perspectives and analyses, case studies and more, Deloitte Insights for CIOs informs the essential conversations in global, technology-led organizations. Read more. « Previous CIOs Can Use APIs to Drive Innovation Next » Deloitte CIO: Mobile is Central to IT Mission Tweet Email Print —by JR Reagan, Ph.D., principal, Global Chief Information Security Officer, Deloitte Touche Tohmatsu Limited. October 15, 2015, 12:01am Questions? Write to Deloitte CIO Journal Editor Deloitte refers to one or more of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee, and its network of member firms, each of which is a legally separate and independent entity. Please see http://www.deloitte.com/about for a detailed description of the legal structure of Deloitte Touche Tohmatsu Limited and its member firms. Please see www.deloitte.com/us/about for a detailed description of the legal structure of Deloitte LLP and its subsidiaries. Certain services may not be available to attest clients under the rules and regulations of public accounting. This publication contains general information only, and none of Deloitte Touche Tohmatsu Limited, its member firms, or its and their affiliates are, by means of this publication, rendering accounting, business, financial, investment, legal, tax, or other professional advice or services. This publication is not a substitute for such professional advice or services, nor should it be used as a basis for any decision or action that may affect your finances or your business. Before making any decision or taking any action that may affect your finances or your business, you should consult a qualified professional adviser. None of Deloitte Touche Tohmatsu Limited, its member firms, or its and their respective affiliates shall be responsible for any loss whatsoever sustained by any person who relies on this publication. Copyright © 2015 Deloitte Global Services Limited. Read More About: CYBER RISK, SECURITY & PRIVACY Wall Street JournalFacebookTwitter Google+YouTubePodcastsGooglePlay AppStore Windows 10 Back to Top Subscribe Why Subscribe? WSJ+ Corporate Subscriptions Apps Professor Journal Student Journal Customer Service Customer Center Live Help Redesign Guided Tour Tools & Features Newsletters & Alerts Guides My News Portfolio RSS Feeds Topics Video Center Watchlist Ads Advertise Advertise Locally Commercial Real Estate Ads Place a Classified Ad Sell Your Business Sell Your Home Recruitment & Career Ads More Conferences Content Partnerships Corrections Jobs at WSJ Make Time News Archive Register for Free Reprints Privacy Policy Cookie Policy Copyright Policy Data Policy Subscriber Agreement & Terms of Use Your Ad Choices Copyright ©2016 Dow Jones & Company, Inc. All Rights Reserved. Like Share One person likes this. Be the first of your friends. ShareShare 112 Subscribe / Sign In