The Internet is driving greater transparency of information but has also created more risk for corporations drowning in customer data, according to two legal experts. “The environment in which we all operate today is one of greater openness and transparency,” former High Court judge Michael Kirby said at a book launch for Corporate Information and the Law by Leif Gamertsfelder. “People who live in the age of the Internet and social networks expect greater transparency from everyone, particularly from people with power” including government and large corporations, Kirby told CIO Australia. Corporations should be viewed as “custodians of information,” said Gamertsfelder, an executive legal counsel at Commonwealth Bank. “The integrity and trust attributed to a corporation will be a function of how well it discharges this custodial role.” Maintaining good cybersecurity is critical to maintaining trust with consumers and other stakeholders, he said. “We have to acknowledge that the attacks will continue. Corporations around the country will be subject to hundreds of thousands of attacks daily. They are part of the road rules for the information economy now.” However, “cybersecurity demands much more than good-faith implementation of whatever technologies may be available,” he said. “Achieving sustainable security practices requires mature information governance frameworks,” he said. “It is a process which requires a top-down approach involving the board, senior management and—among other things—policies, practices, standards, threat or risk assessments, privacy impact assessments, audits, testing, education, change management and finally, the effective implementation and maintenance of technology.” Corporations are “maturing” in their approach to disclosing data breaches, but it remains a difficult issue, Gamertsfelder said. “You always have to balance the issue of false positives,” he said. “It’s not always clear whether or not an event has happened and if you report on the basis of incomplete information or inaccurate information, you’ll cause a lot of consternation and disquiet in the community amongst the population of consumers and then you might ultimately find out there was no issue whatsoever.” Gamertsfelder urged caution to policymakers considering mandated data breach notifications to the public. “Having a law which imposes penalties needs to be well thought through before it’s implemented.” A flood of electronic information Kirby warned Internet users to carefully consider the trail of evidence they leave when they write emails and post on social media. Email and social media has added to an expanding amount of electronic evidence now available to courts, he said. “It’s created an overwhelming mass of information that threatens to drown us all.” “Anything that people produce is ultimately deliverable to a court. There will be sometimes exceptions, but the law will normally provide access to the court to the best of all information and evidence, and that will include where it exists social media created by relevant witnesses or parties,” he said. “I think that’s something that people don’t always think about when they create their social media,” he said. “It may have significance in a completely different environment sometime later.” “Many a murderer goes to his fate or her fate because of the folly of the emails.” Follow Adam Bender on Twitter: @WatchAdam Follow CIO Australia on Twitter and Like us on Facebook… Twitter: @CIO_Australia, Facebook: CIO Australia, or take part in the CIO conversation on LinkedIn: CIO Australia Related content opinion Website spoofing: risks, threats, and mitigation strategies for CIOs In this article, we take a look at how CIOs can tackle website spoofing attacks and the best ways to prevent them. By Yash Mehta Dec 01, 2023 5 mins CIO Cyberattacks Security brandpost Sponsored by Catchpoint Systems Inc. Gain full visibility across the Internet Stack with IPM (Internet Performance Monitoring) Today’s IT systems have more points of failure than ever before. Internet Performance Monitoring provides visibility over external networks and services to mitigate outages. By Neal Weinberg Dec 01, 2023 3 mins IT Operations brandpost Sponsored by Zscaler How customers can save money during periods of economic uncertainty Now is the time to overcome the challenges of perimeter-based architectures and reduce costs with zero trust. By Zscaler Dec 01, 2023 4 mins Security feature LexisNexis rises to the generative AI challenge With generative AI, the legal information services giant faces its most formidable disruptor yet. That’s why CTO Jeff Reihl is embracing and enhancing the technology swiftly to keep in front of the competition. By Paula Rooney Dec 01, 2023 6 mins Generative AI Digital Transformation Cloud Computing Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe