IT Security managers in hot seat following AOL disclosures
“Forced accountability” due to media pressure; key to avoiding problems is better communication with audit teams;
It is hard out here for an IT manager, as Maureen Govern learned last week when she was dismissed as AOL’s chief technology officer following the disclosure that the company had publicly released the search histories of 650,000 subscribers. AOL also fired two employees of its research division. Earlier this month, Ohio University made its own round of firings, sacking two top IT managers for failing to prevent a series of breaches discovered last spring.
As public outrage grows (recently, the Department of Veterans Affairs released a trove of personal data as well), IT managers are feeling like accountants at Enron — pressured to fall on their swords despite following established company procedures. This “forced accountability” is at least partly the result of the intense media scrutiny that data breaches now receive, said Bob Hartland, director of IT at Baylor University in Waco, Texas.
Lloyd Hessian, chief security officer at BT RadianzHessian, advises IT workers to forge close ties with their IT audit teams. “If you think you have an issue, go to Audit and tell them about it,” he said. If the audit group concurs that a security problem exists, it should be easier to get the resources needed to fix it, Hession added.
-read more in this Computer World report
