Denial is a powerful deception of truth.
While it may be tempting to point the proverbial finger at Target for its recent security breach, the unfortunate reality is that many companies will continue to contend with major security issues so long as they take a fragmented approach to the way they manage information. Neiman Marcus and TJX dealt with similar issues not too long ago and these events serve as painful reminders of what happens when companies don’t marry the business needs of their organization with a holistic information management strategy.
Data leak prevention starts with a change of mindset that begins with looking at IT as a strategic component to your business. In a recent article published in Chain Store Age, the exploration of benefits that come from adopting a modern approach to data protection and information management, where data can be efficiently collected, securely stored and quickly searched to meet today’s evolving compliance requirements.
The exponential growth of data is forcing its hand with IT leaders and making the need for an effective information management strategy a 'no-brainer' for all data-driven companies where long-term retention and protection of data is paramount to their organization’s survival and growth.
Although the damage has been done, I applaud Target for taking the right next steps. Revamping its security structure and hiring a chief compliance officer shows it is embracing the idea that security and IT should be intrinsically linked.
The silver lining is that fear may serve as the best motivation for change. If you’re a CIO or an IT decision-maker and feel your company (thus your job) may be vulnerable to a data fallout, here are a few questions you should ask yourself:
- What is the cost of proactive leak prevention and discovery versus having a global data leak crisis on your hands that impacts all business stakeholders?
- Are compliance and legal teams on board with your current information strategy?
- Are your current information assets safe, secure and retrievable?
- Are your internal stakeholders collaborating in the interests of making your customer data their primary focus?
- How siloed is your business – are data security and compliance linked?
While many organizations may consider these questions and make appropriate changes, the reality is some companies are still going to have to learn the hard way.
And that’s a shame.