Sunday, 18th September 2011
Tim Buckley Owen
Senior managers tend to be uninformed about the nature of cyber threats to their business and don’t know where to turn for advice, says an influential new report. Its primary concern is with critical national infrastructure but, as other recent developments show, it’s just as much about protecting your customers’ privacy – and your business’s reputation.
Commercial businesses seem particularly disengaged from the issue says the report, Cyber Security and the UK’s Critical National Infrastructure, from the Royal Institute of International Affairs at Chatham House. But government can only provide incentives to encourage a remedy, the report concludes; it can’t mandate it.
Nevertheless, remedies are certainly required, the report makes clear. Vulnerability to fraud and identity theft, the discovery of the Stuxnet virus in 2010 and the activities of organisations such as Wikileaks are all evidence of how much at risk an interconnected information infrastructure can be from “aggressors, criminals and even the merely mischievous”.
Not that businesses lack advice. Much of the United Kingdom Information Commissioner’s new Guide to Privacy and Electronic Communications is concerned with what businesses may and may not do when marketing to customers, but it also covers what they have to do when they think subscribers’ security has been breached – and the requirements are exacting.
Meanwhile the World Wide Web Consortium is starting to address regulators’ concerns on both sides of the Atlantic about technology that intrudes on web users’ behaviour. It’s setting up a Tracking Protection Working Group with the job of delivering, by the middle of next year, a set of standards to allow individuals to say whether or not they want to be tracked online, and to make sure that whatever tracking does go on is transparent.
It’s questionable whether business will give any of this priority without prodding. As the Chatham House report points out, some organisations seem to want to remain detached from the security debate for as long as possible – an approach which it regards as “inadvisable in such a fast-moving environment”.
And Europe, it seems, is taking the lead. In an open letter the Transatlantic Consumer Dialogue (TACD – a coalition of more than 80 consumer organisations in North America and Europe) expresses surprise that the United States Congressional Subcommittee on Commerce, Manufacturing & Trade should regard the European Union Data Directive as a “burden”.
US privacy laws “lag woefully behind current technology and business practices”, the UK-based TACD says. The US also generates more spam and spends more money monitoring its own citizens than any other country in the world, the group claims.
Although the letter doesn’t spell it out, the underlying message seems clear. If businesses don’t tackle these issues urgently, they’ll come back to haunt them.
Document the value chain, and transform the way you think about, manage and report on your product portfolio and your information service contributions to your organisation goals.
Focus on Value Chain
Risk assessment is a required process for a healthy information department. It gauges the ability of your services, team, portfolio and overall value to withstand stress.
Focus on Risk Assessment
Sorry, there seems to be a problem with Webinar and Community listings. Please let us know, by email to email@example.com. Thank you.
Our proven processes, resources and guidance will help your team make the shift from transaction centre to strategic asset.
Designed around the most common challenges and pain points for time- and resource-strapped information teams
Supercharge remote productivity and value
Holistic content portfolio management
Future-proof your information service
A tailored overview of our research and active discussion with your Jinfo analyst.
Measure your starting point to articulate your strengths and set priorities for future improvements. Assessments gauge risk, capacity, value and more.
Read case studies, and start the conversation:
Connect your team with the practical tools, original research and expertise to build and support information strategy in your organisation.
A Jinfo Subscription gives access to all Content (articles, reports, webinars) and Community.