CERIAS - Center for Education and Research in Information Assurance and Security

Skip Navigation
Purdue University - Discovery Park
Center for Education and Research in Information Assurance and Security

The Holy Grail of E-Business Risk Management: Creating and Sustaining the Insurable Standard for E-Business Security and Assurance

Rick Davis - Aon Corporation

Apr 28, 2000

Size: 129.6MB

Download: Video Icon MP4 Video  
Watch in your Browser   Watch on Youtube Watch on YouTube


In order for e-commerce and e-business to grow at the fullest extent possible, higher levels of trust and accountability need to become established. The corporate buyers who rely on reliable structures need to hold those who build and support commercial network initiatives (call them "infrastructure and service providers") responsible for things that go wrong. Downtime, outages, viruses, data integrity, data confidentiality and hacker damage are some of the losses that providers need to prevent and absorb in a proactive manner. Today it is the ecommerce buyer / user who get stuck holding the bag. In the near future it will be the provider who will be held responsible.

There is a world of difference between information security and e-business risk management. Traditional info security just looks at the technical / network controls that ecommerce relies on. Ebusiness risk management takes a multi-disciplinary approach that instills controls throughout the enterprise, not just in the technology. This multi-disciplinary approach addresses the legal, operational, financial and technical controls that must be present in all ebusiness environments.

Addressing an aspect of the financial controls, insurance is a necessary element in all ebusiness risk management strategies. If a loss occurs (which it always will - there's no such thing as a 100% perfect system), a specialized insurance policy is the financial mechanism that will allow the ecommerce provider to absorb the loss and pay for the damages.

About the Speaker

Rick is a recognized pioneer in the e-business risk management industry. Rick is widely acknowledged for creating the world\'s first e-risk insurability standard for underwriting e-business exposures. Since graduating from Stanford University in 1991, Rick has developed asset protection strategies for mission-critical e-business environments. He has been an executive manager in the Electronic Commerce / Internet / Information Security industry his entire career and has specialized in creating multi-disciplinary e-business risk management solutions (combining information security, traditional risk management and insurance) for nearly four years.

Aon Corporation (world\'s 2nd largest risk management and insurance broker) recently hired Rick as Vice President of Sherwood Insurance, an Aon-owned wholesale broker. Under the Sherwood banner, Rick is responsible for defining the Aon corporate e-business risk management initiative and creating a consulting practice that will be delivered to Aon\'s Global 2000 customers.

Unless otherwise noted, the security seminar is held on Wednesdays at 4:30P.M. STEW G52 (Suite 050B), West Lafayette Campus. More information...


The views, opinions and assumptions expressed in these videos are those of the presenter and do not necessarily reflect the official policy or position of CERIAS or Purdue University. All content included in these videos, are the property of Purdue University, the presenter and/or the presenter’s organization, and protected by U.S. and international copyright laws. The collection, arrangement and assembly of all content in these videos and on the hosting website exclusive property of Purdue University. You may not copy, reproduce, distribute, publish, display, perform, modify, create derivative works, transmit, or in any other way exploit any part of copyrighted material without permission from CERIAS, Purdue University.