Moving Beyond the Headlines: A Framework for Cybersecurity
Moving Beyond the Headlines: A Framework for Cybersecurity
by Brian Wrozek, Chief Security Officer, Alliance Data
Food, water, clean air: the basics. We all need these to survive. For businesses, next on the ladder of basics needs is security. These days, our sense of safety and security is being battered by steady waves of headlines. Large data breaches at reputable companies remind all of us that nation-state cyber terrorism, hacktivists and other threats are negatively impacting our digital world.
In response to this rising tide of public unease, the White House hosted its Summit on Cybersecurity and Consumer Protection on February 13th in conjunction with Stanford University. Business leaders also gathered at related local events in several States where public sector agencies from Washington, D.C., as well as local county and city officials echoed the President’s call for increased information sharing. Alliance Data’s Epsilon business sponsored one of the largest regional events at the University of Texas at Dallas, bringing together hundreds of public and private sector members and local authorities. Importantly, the President took executive action to reinvigorate key agencies, create new information hubs and reiterated his call for the adoption of the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure Cybersecurity.
The President signed an Executive Order, ‘Promoting Private Sector Cybersecurity Information Sharing,’ wherein he expanded the National Cybersecurity and Communications Integration Center’s authority to share information with the private sector. The President is encouraging the development of information sharing and analysis organizations to promote private sector information sharing around geographic centers, relevant industry sectors, or even specific cybersecurity threats. The intent is to make information sharing open to more companies and to develop automation mechanisms via common standards.
The President’s actions are intended to spur more relevant, timely and more applicable information sharing to allow both the government and the private sector to react more quickly to cybersecurity incidents, and more importantly to mitigate and minimize the possibility of these incidents happening in the future. Several of the Framework’s components are leveraged as part of our cybersecurity strategy and we are taking action by assessing where opportunities may exist to enhance our security protocols based on the NIST Framework. Alliance Data is active in the Financial Services – Information Sharing and Analysis Center. This enables us to take proactive measures to protect our information based on credible threat intelligence shared by industry peers.
Alliance Data supports strengthening public-private sector collaboration on this matter and are encouraged by the myriad of local, State and national agencies that are bolstering their cybersecurity efforts to enable companies to model responsible corporate citizenship.
Alliance Data will continue its commitment to safeguarding data and our systems. As the topic of cybersecurity continues to be an important matter, Alliance Data and its businesses are committed to continue to build trust and our reputation among our stakeholders.
———————–
Brian Wrozek is the Chief Security Officer for Alliance Data, where he has enterprise responsibility for the Corporate Security Office including information security, physical security and life safety, business continuity and disaster recovery, and information management and privacy. Brian is also an adjunct professor at the University of Dallas teaching Cyber Security in the College of Business Graduate School.