When Mike Trevett, chief information security officer at LV=, took the stage at June’s Data Summit, his message was undoubtedly one that most data practitioners would rather not think about – that their data assets could get stolen, possibly by an intruder, probably by an insider.
It was a cold bath of reality after the usual warm shower of messages that data is good for the business and helps it to grow. Trevett knows the upside of data well enough, having worked in data-driven marketing roles at BT, DunnHumby and LV=. Perhaps this is why his presentation invigorated the summit audience, rather than alienating them.
“I firmly believe that good practice in information security can offer an organisation competitive advantage, particularly in a time when customers are looking for companies they can really trust,” says Trevett. “Probably a rhetorical question, but would you trust your personal information to a company with a track record of substantial data loss?”
It was one such incident that triggered his own move out of marketing and into his current role. “When the spotlight was suddenly turned on information security in November 2007 when HMRC lost their CDs in the post, my background meant I was in a position to take on Information Security for LV=,” he recalls.
The ability to move into what can appear a very technical job was undoubtedly enabled by his career focus on the “systems end” of marketing, as he puts it. This has included being responsible for LV=’s customer data, building a single customer view from the multiple silos of data held by the general insurance, life and partnerships divisions.
In marketing, Trevett needed to exploit this data asset to drive profitable growth. As CISO, the goal is also a direct one. “We have only one main KPI – don’t lose any data! Naturally, there’s a scorecard of measures that monitor the various controls we have in place. But in essence, so long as the information’s secure and the controls aren’t strangling the business, then this measure stays in the green,” he says.
Threats to data security have remained high profile in the wake of HMRC, not least with the hefty £3 million fine handed to HSBC by the FSA. This has ensured that the issue continues to rise up the corporate agenda and attract senior support and investment.
“In the nine years I’ve been at LV=, I’ve seen the culture change to one where data has become more embedded in both the operation and the decision-making processes. I believe LV= uses the data at its disposal appropriately, but I wouldn’t say the culture is entirely data-driven and I’m not certain that it should be. There should always be room for creativity and innovation as well as hard facts,” he says.
For some companies, this has meant investing in data protection technologies. But Trevett argues that it needs to be as much about “hearts and minds”, with top-down leadership and a proper transformation programme. Clear communication is also important to ensure everybody in the business understands its importance.
Trevett’s marketing background undoubtedly helps with this aspect of the job. His personal skills as a communicator are evident to anybody who has met him and he is one of those individuals that both marketers and data practitioners count themselves lucky to have worked with. That knowledge is about to be sent to market as Trevett sets out on his own, offering consultancy on data issues. (For more information, email to firstname.lastname@example.org)
“Particularly in the current economic climate, the demand for data-driven marketing strategies will grow and those people with the skills to capitalise upon this will do well,” says Trevett. “I think that there will be demand for professionals with broad experience, from data strategy, through security to analytics and the practical application of data to drive business decisions.”