Names: Al Decker and Rebecca Whitener
Claim to Fame: The duo behind EDS security practice
Web Info: www.eds.com
The challenge of a business launch is nothing new for Al Decker and Rebecca Whitener.
The duo helped establish IBM Global Services security and privacy practice in 1998 and two years later founded their own consulting firm. So when Decker and Whitener joined Electronic Data Systems on Aug. 1 to head the integrators global online security and privacy business, they expected the usual new-venture drill. What they couldnt anticipate was that, in a matter of weeks, their latest enterprise would be caught up in the nations most staggering security crisis.
But thats what happened. The devastating Sept. 11 attacks on the World Trade Center and the Pentagon put the entire nation on security alert. Decker and Whitener soon found themselves besieged with calls from organizations concerned about cyber security. In the days following the attacks, inquiries increased 150 percent. Utilization of security and privacy consultants doubled, the executives report.
“Weve seen clients become more interested in business continuity … identifying critical applications and establishing an emergency response team so that in the event of an incident they are ready to go,” Whitener says. Project proposals that languished for months have suddenly resurfaced, Decker adds. Typically, customers are saying, “Give us a health check; let us know we are doing the right thing,” Decker notes.
But corporate and government entities dont always do the right thing when it comes to security. Experts testifying on security before a House subcommittee last month said the nations computing infrastructure remains highly vulnerable to attack, despite years of warnings.
Indeed, Decker and Whitener have been advocating security and privacy practices for more than 25 years. They acknowledge that their message hasnt always been well received. “Its like buying insurance,” Decker says of security services. “My house isnt going to burn down, so I dont need fire insurance,” is the attitude some organizations have taken, he notes.
Still, Decker contends that corporations today are much more interested in information security than they were 20 years ago. Whitener has noticed a similar evolution in the privacy realm. Privacy, she says, has gone from “a non-issue to a very important issue. In the last year, theres been an increasing interest or concern on the part of companies to manage privacy.”
Against this backdrop, Decker and Whitener say they have pioneered the notion of offering security and privacy consulting as an integrated service. They first collaborated on the idea at IBM Global Services and later at Fiderus, a Cary, N.C., consultancy they created to focus on security. As the economy slowed, Decker and Whitener decided to move Fiderus, en masse, to EDS.
At EDS, the executives continue to blend information security and privacy, which they view as intertwined. They view privacy as the management of how organizations use and share customer data. And part of that management task is ensuring the security of customer data and transactions.
Customers have plenty of reasons to buy the concept, whether they wish to fend off online saboteurs or Federal Trade Commission citations. But Decker and Whitener believe companies have an incentive beyond staving off disaster.
“We try to encourage them to think of security and privacy as a trust enhancement to their business,” Decker says. “If we improve trust … we will improve revenue.”
In other words, theres a security carrot as well as a stick.