Today more than ever, preventing data security breaches is a top priority for any business. Recovering from a breach has a measurable impact on the bottom line. A 2006 study by the Ponemon Institute reported it cost companies $182 for each lost customer record in direct costs, lost productivity, and lost customer opportunity. But perhaps even greater is the damage to a company's reputation. In a survey of consumers, Ponemon found 60 percent terminated or considered terminating business with companies that notified them of mishandling their private information.

Of course, information security is nothing new to insurers, but in the past, security has focused on ways to keep people away from information and to control access to and connections between enterprise applications. Today, that model has been turned on its head.

"In the good old days, you could batten down the hatches, not allow any communication into your corporate applications, and be reasonably secure people wouldn't hack into your [core] systems. With the explosion of Web services and service-oriented architecture, corporate barriers and firewalls are like Swiss cheese as the business finds legitimate reasons to expose applications to improve efficiency and do things it couldn't do with tight integration," says Mounil Patel, vice president and research director at Aberdeen Group.