Corporate Executives Get Help With Security and Privacy Strategy

A joint paper released by Canadian Information and Privacy Commissioner Ann Cavoukian and Deloitte & Touche LLP, provides corporate executives with suggestions for developing strategies for information security and privacy protection.

The Security-Privacy Paradox: Issues, Misconceptions and Strategies examines the complex and often misunderstood relationship between the disciplines of information security and privacy protection.

"The evolution of the computer from a passive, mechanical record-keeper to an interactive, networked transaction manager has dramatically increased the volume and variety of personally identifiable information collected by organizations," said Commissioner Cavoukian. "This capability for high-speed, high-volume processing and dissemination of personal information creates the potential for substantial risks - as well as large-scale opportunities - associated with information security and privacy protection. However, you must address both - never just one. While information security and privacy do overlap, at times they may appear to contradict. In preserving one alone, companies can do serious damage to the other."

The joint paper helps to clarify the security-privacy paradox for senior executives and other professionals. The paper:

  • Describes and illustrates major characteristics, points of difference and areas of overlap between information security and privacy protection;
  • Addresses issues and misconceptions that can lead to wasted money, time, effort, conflict and, all too often, inappropriate measures and programs; and
  • Recommends and prioritizes business, organizational and technical approaches that are cost-justifiable and can be beneficial in reaching regulatory compliance.

"For those companies that can effectively master building a foundation of trust between themselves and their customers the rewards will be significant. In doing so, companies must effectively address information security and foster an environment that protects customer privacy," said William Levant, Global Privacy Leader, Deloitte & Touche. "The creation of trust in this on-line business world is what can give one company a competitive advantage over another."

The Security-Privacy Paradox cites examples of approaches that work, and those that have failed. In its concluding Roadmap for Successful Strategies section, it offers 16 key steps for smart businesses to follow.

You may like these other stories...

While reputational risk is the No. 1 nonfinancial concern among corporate directors, cybersecurity/IT risk is gaining steam. In fact, both private companies and organizations with more than $1 billion in revenue felt they...
We've all been there. Trying to make our work-lives more efficient, transfer knowledge to newer team members, and leverage our practices. Sometimes it works, and sometimes, well, the result is embarrassing at best.Here...
From May 20-23, the Association for Accounting Marketing (AAM) held its annual conference. Frequent contributor Sally Glick picked up some ideas that she will be sharing with us in the coming days, as she has done in...

Upcoming CPE Webinars

Aug 5
This webcast will focus on accounting and disclosure policies for various types of consolidations and business combinations.
Aug 20
In this session we'll review best practices for how to generate interest in your firm’s services.
Aug 21
Meet budgets and client expectations using project management skills geared toward the unique challenges faced by CPAs. Kristen Rampe will share how knowing the keys to structuring and executing a successful project can make the difference between success and repeated failures.
Aug 28
Excel spreadsheets are often akin to the American Wild West, where users can input anything they want into any worksheet cell. Excel's Data Validation feature allows you to restrict user inputs to selected choices, but there are many nuances to the feature that often trip users up.