Digital Security: Business’s Social Responsibility?


Harriet Pearson, IBM

At the BBB Forum on corporate citizenship in NYC recently, IBM’s Harriet Pearson, VP Security Counsel and Chief Privacy Officer, made a good case for why Internet security should now be considered a number one business responsibility issue.

The recent LinkedIn snafu is just one example of the exposure a company faces when hackers gain control.  That sort of break-in is reason enough to address security and electronic privacy.

But the argument for data protection as a social responsibility concern goes deeper.

There are four drivers putting these issues on leadership’s corporate citizenship agenda , Pearson explains:

  1. Data
  2. Connectivity
  3. Risk
  4. Regulation

1.Data Proliferation

“There’s been more data created in the past two years than… in the history of humankind,” she says.  “Lots is already being used, and looking ahead, more of it will be used to enhance all aspects of our lives and businesses. But with such benefits comes an obligation to use and manage information thoughtfully.”

2. Ease of Connectivity

“If data sat in silos, we wouldn’t be talking about privacy and security as much.” Pearson says.  “But with the Internet, connectivity is easy,” sometimes too easy.  That means some data can fall into the wrong hands with one keystroke, deliberately or inadvertently.

3. Uncalculated Risk

“Businesses managing increasing amounts of data must assess and address risk,” she says. “Will passwords get stolen?  Will the company get mentioned—badly—by others?  Will systems go down?”  As companies and employees create and rely on ever more data, broader connectivity and growing demand for greater speed of work and communication, the size and shape of current and eventual risks are harder to measure–yet must still be managed.

4.Regulatory Uncertainties &Actions

“The first three drivers are – not surprisingly – moving government to act at all levels,” Pearson explains.  Regulation isn’t just a concern of the US federal government, but also of states and other countries.  Companies that aspire to corporate leadership will want to anticipate and influence such developments.”

At the most basic level it all comes down to the good guys and the bad guys. Can bad people manipulate your networks and information, risking not just company secrets and employee secrets, but also potentially exposing information about customers?  That’s a core level of business responsibility that companies need to understand and assume, says Pearson.

It has all the makings of a cyber-thriller, complete with cops, robbers, corporate competition and millions, if not billions, at stake (think Headhunters, the recently released Norwegian film about how even corporate security officers are lured into electronic crime by the promise of riches).

So is Pearson concerned?  “Sure but also energized. We can all contribute here — there’s a lot to be done to ensure that business and society continue to reap the value of digital technologies of all types.”


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s