Unum's Lynda Fleury navigates changing security environment
If there is a downside to the increased digitalization of the insurance industry, it’s in the proliferation of vectors of risk and potential for malfeasance with customers’ precious personal data.
That’s the battle that Lynda Fleury, chief information security officer for Unum, is fighting every day. However, the terms of engagement have changed over time, she notes, and with that come differences in the ways security professionals approach their jobs and their relationships with the business at large.
“Companies want to facilitate anytime anywhere access to anything from anyone through mobile technology. And with the adoption of cloud, we are extending pieces and parts of our network to areas outside of our control,” she explains. “We have shifted from the enforcers, to becoming the trusted advisors, educating business parters and IT advisers on what the technology landscape is.”
Fleury, who began her career in IT security in the banking industry, came to Unum as an IT auditor in the mid-1980s. Since then, she has been credited with growing Unum’s security organization from the ground up, increasing the size profile of the team over time. Today, Unum’s IT security organization has more than 40 professionals in it.
“It all started when I took on an 18-month special project in the security organization, to help them develop policies and procedures around the distributed environment,” she says. “When I started in security, it wasn’t considered a profession like it is today.”
Today, she’s in the midst of doing the same for Unum’s business continuity and disaster recovery organization. Fleury is hoping to recreate her people-centered approach and the success she achieved by training employees of all levels to be vigilant in their attentiveness to protecting sensitive customer data.
One of her recent projects revolves around making investments in access management and looking toward the future of authentication.
“The bad guys are getting way more sophisticated in their social engineering attempts,” she says. “These folks are doing a really good job at scouring social media, being able to profile key individuals in an organization, specifically targeting folks with spear-phishing emails. So it’s interesting to see where identity management is going to go. It’s something that we’re looking at from a user experience perspective.”
Though Fleury admits that “there are days that I go back and wish that everything was contained in our data center,” ultimately she has made a career out of enabling the business to do more despite headwinds in the environment.
“We’re trying to reduce risk to a manageable level, continuing to fill the need as the security landscape continues to evolve, protecting data and the company environment from unintentional or intentional acts,” she says.
Given the challenges around data security’s profile, it wasn’t easy to find talent to fill the organization, either. Fleury is credited with putting in place strong leadership and in growing the team through savvy techniques.
“I serve on the board of a local technology council, working with the [Chattanooga-area] school systems on the curriculum — there continues to be a shortage of security professionals — but also to help influence young girls that it’s OK to be in technology.” Unum in particularly has done a “very good job providing women leadership opportunities,” Fleury says.
“[CIO Kate Miller] is our second female CIO, and many of our senior leaders are women,” Fleury notes.”Though as I attend large events I’m still finding its predominantly male, I’ve never felt that I’ve had a barrier here at Unum that prevents me from doing what I need to do to be successful.”