by Maryfran Johnson

Cybersecurity and the Privacy Debate

Opinion
Jun 09, 20092 mins
IT Strategy

How privacy issues are being addressed with cybersecurity.

Imagine your cell phone rings. A strange voice from an unrecognized number asks, “What are you doing right now?” Who is this? “No one you know,” says the voice.

What do you want? “To know what you’re doing.”

Cue the creepy music. Consider calling 9-1-1. This is real life.

It’s amazing to think how that same behavior online—a perfectly tame social media exchange—would be vaguely threatening in the physical world. It would feel like a boundary crossed without permission. Like an invasion of your privacy.

As our cover story on “The Privacy Paradox” points out, the long-simmering debate about privacy controls over personal data is bubbling back to life. There is a volatile mix brewing from ubiquitous mobile Internet access, rising social media use, extensive data outsourcing, vague privacy policies, different generational expectations and the looming potential of stricter federal laws protecting consumer information.

So, as much as CIOs would love to avoid getting dragged into this fray, how can the ultimate stewards of corporate data step away?

“CIOs generally don’t care about privacy,” claims Peter Milla, a former CIO and chief privacy officer at Survey Sampling International. CIOs push the issue off to their security chiefs instead, he says, which may seem like a sensible strategy until the lawyers weigh in.

Attorneys believe privacy concerns should be triggering louder alarms in the CIO’s office over everything from customer data theft and trade secret protections to the PR aftermath of employees leaking confidential company information via social media outlets.

“Our job as CIOs is to educate people about how what they’re doing today can be searched across the world today or tomorrow,” says CTO Matt Kesner of law firm Fenwick & West. He worries that it’s a mighty short hop from doing business casually over corporate IM to mistakenly sharing proprietary company data on Twitter.

Indeed, the biggest worry of all will likely come from your company’s revenue source: the customers. They want to connect and do business online—flinging around all sorts of private information—while still feeling protected and in control of their own data. The buck for all that will stop right at the CIO’s desk.

Is that your cell phone ringing? What are you doing right now?