Event Recording
Interview with Rolf von Roessing, ISACA
Day two of the European Identity Conference 2011
Video transcript
So how are companies reacting to the increasing threat level in identity and security?
I think they're generally reacting in two ways. On the one hand, they're quite mindful of the fact that these things are coming and they're risks increase by its same token that incidents are multiplying and they're making the press and they are indeed sort of bringing in new budgets as well as new people specialists. They're increasingly relying on external consultants, but generally speaking, I think much of what they're doing is more of the same, which is a fight they're bound to lose.
Increasingly you have the impression that companies are sort of staving off responsibility and handing it off to their customers, thus essentially leaving them alone with the problem. Is this a sustainable model?
No essence. You see in many general terms and conditions that are in contracts between customers, if you will end users and companies, those companies try to S save off liability. They try to impose certain clauses in there that will put customers as a DISA at a disadvantage. Having said this, I think that is no longer a viable option, basically, because if you want the customer's money, you will have to look after their protection as well. So it's not good enough just to sort of make your profit and go away with it. But with the increasing linkages and the increasing networking that customers have through social networks, through the electronic business channels, companies should take responsibility for protecting their customers, not just in the sense of consumer protection, acts at legislation, but much more in the sense of being caring and, you know, sort of exerting their power if you will, to bring in good governments and to, to bring in some understanding of customers as well,
Of course, companies generally are more interested in their bottom line than in any possible moral responsibility that they might have. Do you think it is actually making good business sense to be more aware of the needs of your customer?
Oh, absolutely. I mean, a happy customer is a paying customer and basically whatever you do as a corporate player to make your customers happy, may not pay off in the first instance, but in the long run, it'll certainly put you at an advantage, particularly with a view to the competition, not doing the same thing. So part of competitive behavior, if you will, today is necessarily to look after your customers and provide the requisite level of security that they're expecting.
I think they're generally reacting in two ways. On the one hand, they're quite mindful of the fact that these things are coming and they're risks increase by its same token that incidents are multiplying and they're making the press and they are indeed sort of bringing in new budgets as well as new people specialists. They're increasingly relying on external consultants, but generally speaking, I think much of what they're doing is more of the same, which is a fight they're bound to lose.
Increasingly you have the impression that companies are sort of staving off responsibility and handing it off to their customers, thus essentially leaving them alone with the problem. Is this a sustainable model?
No essence. You see in many general terms and conditions that are in contracts between customers, if you will end users and companies, those companies try to S save off liability. They try to impose certain clauses in there that will put customers as a DISA at a disadvantage. Having said this, I think that is no longer a viable option, basically, because if you want the customer's money, you will have to look after their protection as well. So it's not good enough just to sort of make your profit and go away with it. But with the increasing linkages and the increasing networking that customers have through social networks, through the electronic business channels, companies should take responsibility for protecting their customers, not just in the sense of consumer protection, acts at legislation, but much more in the sense of being caring and, you know, sort of exerting their power if you will, to bring in good governments and to, to bring in some understanding of customers as well,
Of course, companies generally are more interested in their bottom line than in any possible moral responsibility that they might have. Do you think it is actually making good business sense to be more aware of the needs of your customer?
Oh, absolutely. I mean, a happy customer is a paying customer and basically whatever you do as a corporate player to make your customers happy, may not pay off in the first instance, but in the long run, it'll certainly put you at an advantage, particularly with a view to the competition, not doing the same thing. So part of competitive behavior, if you will, today is necessarily to look after your customers and provide the requisite level of security that they're expecting.
Stay Connected
How can we help you