Company Reputation and Financial Stability Risks

By Mark Johnson  |  Posted 2010-03-08 Print this article Print

Company reputation and financial stability risks

The risks associated with storing card data go beyond the regulatory or compliance realm. Considerations also include company reputation and financial stability. Some companies would not be able to survive a data breach.

Other companies, because of their financial strength, could just "write a check" for the damages and rely on marketing or public forgiveness for an unfortunate event. But a data breach isn't something a company wants to experience to find out the goodwill it may have in the eyes of consumers.

Another risk associated with credit card data storage is the investment, proper use and required administration of the technical infrastructure that is protecting the data. Technology changes at a very rapid pace and maintaining up-to-date technology is not a trivial investment a company must make. In a company's risk assessment program, a cost-benefit analysis (CBA) must be conducted to determine the value of the investment required to comply with standards and to properly protect the stored data.

Here is one analogy worth considering. If a homeowner who lives in a high-crime area is known to possess some valuable jewelry, why would they want to install iron bars over their windows and put strong locks on their doors to prevent or reduce the possible exposure to a break-in? That homeowner would possibly be investing more money in securing the house than perhaps is the value of the goods being protected. So, the homeowner might strongly consider using a bank safe-deposit box instead. Or they may even purchase additional insurance coverage to cover the cost of a possible loss. But the insurance coverage would also have to cover the cost of the resulting damage that the house would suffer.

Mark Johnson is CIO of ProPay. Mark has over 24 years in the IT industry. Prior to joining ProPay in early 2008, Mark was senior vice president of IT and security officer for one of the nation's Top 25 issuing and acquiring banks. Mark's experience includes software development of financial systems for a multibillion dollar organization, director of computer science for a Salt Lake City-based junior college, and director of technology operations for FranklinCovey. Mark has also served in the United States Air Force as a statistician where he earned the Air Force Commendation Medal. Mark holds a Bachelor's degree in Computer Science from Idaho State University and a Master's degree in Business Administration from the University of Phoenix. Mark is also a Certified Payment-Card Industry Security Manager (CPISM). He can be reached at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel