So the last thing I’m going to try and do here is to attempt to talk to you about the principles of IT Security and Privacy.
But what we do need to understand is that people are increasingly willing to sacrifice elements of privacy in return for something we find valuable, grocery store loyalty cards for example are the gateway to a whole range of profiling and targeting that we subject ourselves to in return for some cheaper petrol and a few savings vouchers – it’s going to continue, especially as (through innovation and transformation) organisations get increasingly sophisticated in how they collect, analyse and use the data that we leave in our wake as we travel through our every day lives.
The good news is that despite the scaremongering, people are really waking up to privacy and security issues and are increasingly able to make informed choices about what information they disclose and how to protect the information they seek to remain private.
Perhaps the best example of this occurred a couple of years ago with Facebook when Zuckerberg changed the status updates to a newsfeed service.
Zuckerberg faced a massive backlash from his user base, almost 300,000 users got together to revolt but then something happened. Surprised by the reaction, Zuckerberg implemented a privacy feature that enabled people to designate which information was private and which was public (and would therefore be sent out as part of the news feed update to friends). The reaction was incredible and transformed the usage of Facebook and ultimately set the standard for a bizarre conflicting standard for personal privacy that is simultaneously vigilant and laissez-faire.
But societal changes aside, lets return to the job at hand. In light of the other topics I’ve talked about today, Security and Privacy are no different. Traditionally, these concepts have been thought of as constraints to productivity, disablers of the possible, barriers to progress. I don’t think we’re there anymore. IT Security is an integral part of everything an organisation does and just like the others, given the other opportunities that both technology and society are presenting today, ultimately, our increasingly sophisticated needs and understanding become the catalyst for truly transformational change.
However, the biggest issue I’m left with today is our own organisational view on risk, I just can’t see how we can achieve the kind of transformation that’s going to be required without being forced to revisit some things that are obviously the very cornerstone of our operation and culture.
Ultimately, we are the only people that can answer this, but I’m hopeful that by continuing to collaborate through this blog (and other forums), both we and our other strategic partners will be able to provide you with pieces of the puzzle that make what is necessary, possible.