02:38 PM
Connect Directly

CIO Turnover: It's Business, Not Personal

"It's not personal, it's strictly business." This phrase, and numerous variations on it, is not only among the three Godfather films' many additions to our culture -- it also is a guiding principle in the business world.

"It's not personal, it's strictly business." This phrase, and numerous variations on it, is not only among the three Godfather films' many additions to our culture -- it also is a guiding principle in the business world.I was reminded (again) of this truism when I learned that Craig Lowenthal has left the CIO position at NYMAGIC. Lowenthal, a long-time insurance technology executive who also held senior IT positions with Hartford Financial, Integro and Reliance, joined NYMAGIC in 2007 with a mandate to overhaul IT at the New York-based carrier. He embarked on several ambitious initiatives, most prominent of which was implementation of an entirely new policy administration system. Reportedly, it was difficulties and delays in the rollout of the system that ultimately caused Lowenthal and NYMAGIC to part ways.

After the first reaction of sympathy for any individual who is in Lowenthal's situation, the next thought of anyone involved in the insurance technology business -- especially as a CIO or senior-level insurance IT executive -- probably is: "Could this happen to me?" The answer to this question varies, depending on one's point of view and interpretation of what might have gone wrong at NYMAGIC, or any other organization where the CIO is compelled to move on. Whenever there is news of CIO turnover, some observers will always blame vendors that don't or can't deliver on promised solutions that the CIO advocated. Others tend to blame the carrier itself for lack of patience, insight, flexibility or any other attribute that might have helped forestall the fallout (a perspective akin to the view Conan O'Brien's fans are taking of NBC). Still others will point at the executive him (or her) self, suggesting that whatever the technology or solution in question there was not enough due diligence, managing of expectations and realism in whatever project the CIO was supporting.

The bottom line is that it never has been easy to be an insurance industry CIO (or a late-night TV talk show host), and it's not going to get any easier (improved business management understanding of technology notwithstanding). And as the industry continues to deal with the fallout from the recession and global financial crisis, it's likely we will see more CIO turnover. But that doesn't mean that IT executives will give up on trying to lead and innovate -- it's the proverbial offer they can't refuse.

Katherine Burger is Editorial Director of Bank Systems & Technology and Insurance & Technology, members of UBM TechWeb's InformationWeek Financial Services. She assumed leadership of Bank Systems & Technology in 2003 and of Insurance & Technology in 1991. In addition to ... View Full Bio

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This is a secure windows pc.
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.