Why your company needs a chief privacy officer
Another week, another 70 million records compromised. Best way to not have a data breach? Don’t have the data in the first place.
Yet if you had a person or team dedicated to protecting employee and customer privacy, your data exposure would already be far less than it is today. Does your company have a chief privacy officer or advocate? If not, it should.
[ Deep Dive: How to rethink security for the new world of IT. | Discover how to secure your systems with InfoWorld's Security newsletter. ]Most companies have a CSO (chief security officer) and/or a CISO (chief information security officer). Put chief privacy officer on the list of C-level executives your company should have. More than ever, a dedicated privacy advocate is worth his or her weight in gold.
Privacy problems are embedded in nearly every component of computer security -- so much so, I propose updating the well-known security triad of CIA (confidentiality, integrity, and availability) to CIPA, with a pillar dedicated to privacy. Sure, it can probably fit nicely under confidentiality, but wedding it to better-known encryption issues doesn’t give it enough visibility.
full article
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.