Leading A Business When Privacy Is (Almost) Dead
Privacy is almost dead. And truth be told, it’s by our own doing. Thanks to the “selfie culture” that exists today, our privacy appears to be headed for six feet under. The modern lifestyle is rife with oversharing of every single detail of our days, and this isn’t just a consumer trend. These habits tremendously impact our business world. Social networks have taken all of that overshared personal data, aggregated it and made a solid business out of it. That alone has fundamentally changed our personal and business worlds alike. Some of this change is good — for example, it introduces more collaboration — but on the flip side of that increased collaboration comes increased risk. This is a huge concern that every C-level executive is grappling with today.
The question on every business leader’s mind is this: How do I build and run my business when privacy barely exists?
Privacy is (almost) dead.
With this new world of near-zero privacy, the risk to businesses has increased tenfold. Business leaders used to be able to sleep at night, recognizing that their perimeter security measures were usually enough to keep security threats at bay. That is no longer the case anymore. The security perimeter has been practically wiped off the map with the massive digital transformation that businesses all over the world are going through. Executive teams and security teams alike are now struggling with how to secure the business without locking it down entirely, thereby removing the ability to collaborate, innovate and scale the business.
Risk and the Board
What does this mean for leadership? Board members are now taking note of the increased risk that surrounds the businesses they serve. They are starting to ask questions that require their executive team to prove that their IT infrastructure is shored up. Importantly, they are also demanding more expertise and oversight, and making sure that when a security incident invariably strikes, an incident response plan is in place. The number of inquiries on the topic of addressing board member concerns around security and risk has skyrocketed at Gartner Research. The firm noted that it received seven times as many inquiries on the topic in the last year than it did just a few years ago. Business leaders are certainly taking a crash course on cybersecurity today, as this has no longer become something that just the CISO or CSO is concerned with. This is now a companywide issue, from the boardroom on down.
Security and compliance go hand in hand.
Business leaders now need to be versed in security and compliance — it’s not an either/or situation. In a similar fashion, compliance is not something that just finance and compliance teams spend months and months readying themselves for. Compliance is all over the headlines today, as it has become an issue that has risen to the top of business agendas. This could not be truer as we continue to see new regulations abound, like the upcoming California Consumer Privacy Act (CCPA ) due out in January 2020, and the General Data Protection Regulation (GDPR), which is already in place in Europe. The fact is, with privacy all but a pipe dream today, these regulations are meant to bring back a semblance of control to consumers who wish to keep their private lives private, and to force businesses to pay closer attention to protecting their customers’ and employees’ sensitive personal data, or risk steep fines
The Path Forward
Where does that leave us as business leaders? The terms “security-centric” or “risk-centric” may sound trite, but the fact is, organizations today must put the security of their business as their No. 1 priority. And that prioritization must come from the top.
Without security, the lifeblood of your business is at risk — your people and the access they have to sensitive data is a hot target for hackers today. The “bad guys” are desperately trying to get access to the sensitive data that makes up your business, including customer lists, intellectual property such as product road maps, diagrams and strategic plans, and other types of critical company information. If even one of those items is stolen, or the privacy of just one customer is breached, suddenly the value of your company is at risk.
As a leader, one of the key things you can do is to educate your team members on how to protect their own digital identity but also on how to properly protect and safeguard the proprietary information that makes up the lifeblood of your business. The fact of the matter is, we each need to be stewards of our own data and more broadly, of the company’s data (including our customers’ data). This absolutely requires an all-hands-on-deck approach today.
While there is much to learn as we trend toward a zero-privacy world, one thing is for certain: It is absolutely clear that security, risk and compliance are no longer IT lingo, but top-line agenda items for every business leader today.
This post originally appeared on Forbes.com.