Bob Miano's Blog

An Executive journal

Maintaining Our Balance

Did you see the story about Nik Wallenda, who completed a 1,500 foot high tightrope walk without harness over the Little Colorado River Gorge in northeastern Arizona, near the Grand Canyon?

During his 22 minutes above the canyon, as winds whipped around him and the rope swayed, Wallenda required an impeccable balance and a deep understanding of the risks involved. This he had honed from his own significant experience and eight generations of high-wire involvement within his family.

Another story that remains very much in the media spotlight, and includes a strong sense of the need for balance is that of Edward Snowden, an intelligence agency whistleblower who until recently had worked with the NSA and CIA. His flight overseas and subsequent release to the media about various data mining programs undertaken by U.S. intelligence agencies has sparked a widespread debate in the media, in government, in businesses and in our own homes, about the issue of balancing security and privacy in a hyper-connected digital age.

Like many of us in business, I am keenly interested in how organizations and society at large maintains the necessary balance between security and privacy. We know, for example, that in exchange for paying our taxes one of government's primary responsibilities is to keep us safe. The tools needed to identify threats and prevent attacks on our nation -- whether they be military, terrorist or economic, as well as the threat from criminal behavior -- have evolved in the 21st century technologized environment.

IT security threats are very real for business, too. In the 2013 Harvey Nash CIO Survey we identified that almost one in five U.S. CIOs (18 percent) believe their organization isn't effectively protected against hacking, commercial espionage and other external IT threats, an increase from 12 percent in 2012.

The growing number of CIOs who feel their organization is exposed to a cyber-security threat likely reflects the growing sophistication and frequency of IT security incidents U.S. organizations have experienced in the past 12 months. It's unsurprising that greater resources will be invested in cyber-security priorities in 2013 to identify and combat cyber-attacks.

Whatever the threat, however, any organization has to manage the risk of that threat within very clear boundaries for data protection that are set out in the wider legislative framework of our country. In the business community the framework of protecting data and the privacy of clients and customers includes legislation as well as an organization's own policies for data management. Oversight and accountability of implementing data security policies and ensuring they comply with current law rest with the senior executive team and ultimately the organization's board governance.

Returning to the Snowden story, his rationale for leaking information about the data mining programs was that they were operating outside the legislative framework. Not true, state his superiors who evidenced the continued need for judicial warrants should analysts want to access the data of an individual suspect, and point to Congressional and Presidential oversight of the programs and the agencies who run them.

Individual privacy has always been an issue centrally important to our way of life, and has never been so relevant in an era when we bank, shop, socialize and even engage our health care providers online. As a technology literate society we each have a role to play.

I read an insightful Opinion by David Brooks in The New York Times recently where he argued that: "For society to function well, there have to be basic levels of trust and cooperation, a respect for institutions and deference to common procedures."

While recognizing the moral dilemma that Snowden may have faced, that: "he had information about a program he thought was truly menacing." He also "made certain commitments as a public servant, as a member of an organization, and a nation".

"The founders did not create the United States so that some solitary 29-year-old could make unilateral decisions about what should be exposed. Snowden self-indulgently short-circuited the democratic structures of accountability, putting his own preferences above everything else."

I encourage you to read David's full Opinion here.

I believe very strongly in privacy, however, I believe equally as strongly in protecting Americans and our way of life. While our open and moderate society is a model for many it is also a threat to some, and as such it is at risk. Every time I visit New York and pause at the World Trade Center site I am reminded of this.

As we build up to our celebrations on July 4th I plan to enjoy spending some time with my family, as I hope you will, too, removed for a day or so from the frantic pace of business and technology change. In that time I will take a moment to reflect on the achievements of so many Americans who have built our incredible society over many generations.

I will silently thank the founders who based our system on the unalienable rights of Life, Liberty and the pursuit of Happiness, and I will reaffirm my trust in current and future generations to keep these rights in mind as they seek to balance along that tightrope of national security and personal privacy.