Data Breaches. Big Data. The Future of Privacy
Media headlines and the blogosphere are in overdrive regarding privacy, security, and risk after recent events, as my fellow blogger Glen Sarvady pointed out in his recent blog: Data breaches may accelerate move to new technology.
Leading the charge in the dialog are messages from the top CEO, The President of the United States about the need to assess and look at big data and the implications of the emergence of technology capabilities. Over the next 90 days, the discussion will continue with privacy experts, technology geeks, and C-suite focus on the balancing act of enabling technologies while maintaining a sufficient cyber-security infrastructure.
Recent testimony in the Senate regarding recent retailer breaches, will keep the C-suites at many companies on edge. A common thread throughout the dialog is the criticality of implementing the right set of controls: CEO’s can’t eliminate risk, but to provide the tone at the top within their organizations on how best to mitigate and manage risk.
Protecting company assets and securing information, while enabling functionality consumers want is a juggling act. The rapid evolution and consumption of technology involves the use of third party service providers regardless of industry. Financial service companies are feeling the pressure as multiple regulators are focusing attention as to the maturity level of third party or vendor risk management programs. Organizations are highly dependent on leveraging third parties to be profitable today – which is why it is critical to leverage thought leadership and resources across the industry to focus the debate on the right set of standards for third party risk assurance.
Three simple things any business leader can do to engage the dialog within their internal risk stakeholders:
- Conduct outreach to your employees & contractors on the importance of privacy & security in all aspects of their job. Lather, Rinse, Repeat the value of your organization’s privacy & security procedures
- Elevate the risk dialog in your own organization, by looking not just at technology solutions, but governance and management reporting
- Minimize third party risk by assessing your vendor risk management program and determining how to optimize resources and thought leadership from peers
While the polar vortex is making our reality ice cold, the debate on breaches, big data, and privacy are creating a chilly atmosphere for executives. Fueling the dialog will be vast opinions on where to invest, and what level of investment is needed to reduce the risks.
Collaboration is the key to success on most risk topics – everyone has the same stake in the game. A good example of collaboration is the recent release of new tools and resources for effectively managing the critical components of the vendor risk management lifecycle, announced by the Shared Assessments Program. Shared Assessment members are national and international organizations of all sizes that understand the value of leveraging the knowledge of their risk management peers in the definition and management of third party risk management programs. The collaborative organization brings together working groups, development committees, and special projects in the area of third party risk assurance.
Bottom line, the message is about Respecting Privacy, Safeguarding Data, and Enabling Trust
Linnea Solem is the Chair of the Shared Assessments Program and is Vice President and Chief Privacy Officer for Deluxe Corporation. Linnea is a management professional with 20+ years financial services experience in areas eCommerce, technology, business development, marketing, information practices and risk management. She is a Certified Information Privacy Professional and led Deluxe’s compliance initiatives for Y2K, GLB, Check 21, and Red Flags Legislation. You can connect with Linnea on LinkedIn.
Reposted with permission from Forward Banker