The Business of Clouds and the Risks of Being There

A session at ECS lead by

  • Drew Bartkiewicz, Vice President of Cyber Risk and New Media Markets, The Hartford
  • Robert Parisi, SVP & National Technology, Network Risk & Telecommunications Practice Leader, FINPRO, Marsh USA

Quotes

Drew: “The profession of a cloudster is yet to be written.”

Bob: “Are you giving someone a threat that they are unable to handle? It’s like giving your 16 year old the keys to the Camaro”

Drew: “Developers are doing things that CEOs don’t know about. The costs are low. But just because you can, doesn’t mean you should. You need to set guidelines for your developers.”

Slides: “The original assumptions for business risk and liability are no longer valid. However, it appears that the upside outweighs the downside.”

Drew: “Where does contextual marketing stop and surveillance begin?”

Drew: Two words that came up a lot today – Uncertainty (12 times) and Aggregation (I lost count)

Drew: “There are eight examples of companies that were sued not for their lack of professional standards but for the lack of professional standards of their users. Companies need to be aware of this risk.”

Bob: “You’re now taking on all the risks of your cloud provider’s own business, and of the interdependency between you and them, as well as their own.”

Drew: “The wealth-generating companies of the future are those that grow, leverage and process their information assets”.

Drew: “On average we shared 12 personal attributes of ourself even back in the year 2000. The amount we share is growing exponentially. Most of these companies are not in the cloud, companies are taking ownership of this data. You might even know some of this data exists.”

Bob: “The fact we’re saying CIO instead of CTO is a recognition that companies are waking up to this. We are not just working with the IT people any more. Companies are starting to realise that they need to take a wider look at how they handle data, what they collect, where they store it, and how long they keep it.”

Slides: “A new ecosystem calls for new ways to manage points of risk.. and aggregation”

Bob: Gartner came up with 7 questions companies should ask their cloud computing provider. Cloud computing providers should ask themselves these questions as well. If you fall short on these pieces, that piece will be leveraged against you.

Drew: “There is a business conduct gap in Cloud Computing. The professional laws and standards of care do not exist or are not broadly applied to cloud governance.”

In summary:

  • Think Open, Think Smart
  • Manage points of risk in the cloud
  • Insure for uncertainty.. or make sure your cloud partners are insured
  • “Cloud Insurance” does exist.