We are in a golden age of data breaches--it's a matter of when, not if, you'll be responding to a data loss event--and consumer attitudes about data security and privacy are evolving accordingly. If your data security and privacy programs exist just to ensure regulatory compliance, you're going to be in trouble.
Do you know your data -- what you have, how you got it, where it is, why you have it, and who needs it? Data (and the insights it yields) is power: Among other things, it can help your company better understand customer behavior and preferences, and improve business processes and efficiencies. But data can also lead to an organization's downfall if it's handled improperly or lost.
There is a maze of conflicting global privacy laws to address and business partner requirements to meet in today's data economy. There's also a fine line between cool and creepy, and it's often blurred. Meanwhile, customers--both consumers and businesses--vote with their wallets.
Smart organizations will make an effort to earn customer trust by ensuring that privacy is a competitive differentiator for their businesses and part of their business technology (BT) agendas. They can't just pay lip service to privacy; they must adopt appropriate policies and enforcement measures, and build privacy considerations into business operations and the products or services offered to customers. Today, about one-third of security decision-makers in North America and Europe view privacy as a competitive differentiator. Forrester expects half of all enterprises to share that sentiment by the end of this year.
A privacy champion--be it a chief privacy officer, a data protection officer or another IT professional--will take on this responsibility to rally and oversee privacy efforts. The key here is that the champion must lead the effort, not take sole responsibility for it. As CIOs expand the BT agenda beyond internal IT operations to include a focus on acquiring and retaining customers, privacy protection is critical. Work with your privacy champion to identify privacy risks and requirements, and understand the privacy impact of BT decisions.
Heidi Shey is an analyst at Forrester Research.