Prism doesn't have CIOs in a panic -- yet
But CIOs and other tech executives say the spying scandal underscores the need for strong corporate security measures
IDG News Service - Revelations over the U.S. National Security Agency's Prism surveillance program have much of the general public in uproar, but in terms of the controversy's impact to enterprise IT, some CIOs have measured, albeit watchful, reactions.
"I don't see it as a problem for us," said Mike Zill, CIO of medical-products manufacturer CareFusion. "I don't see the government doing something to systematically damage our company or any company."
That said, CareFusion already has multiple "highly secure" systems in the company for protecting highly sensitive information, but those systems don't cover all of CareFusion's data and employees, Zill said. "The question is, do we push that to everybody? It's a question of the economics and the risk-to-reward [quotient]."
Only certain industries may need to worry, according to another IT professional.
"I think if we were some nuclear or medical company or something like that it would have been different, but the fact that we can tell you when Justin Timberlake is going on tour doesn't matter," said Ian Woodall, project manager and group IT at XL Video, a British company that provides large-scale video equipment for music concerts and festivals.
Many enterprises may be more concerned about industrial espionage than government spy agencies cracking their communications. But Prism should nonetheless serve as a clear wake-up call to CIOs and other IT executives, said Nick Selby, CEO of StreetCred Software and a risk management consultant who advises large organizations on industrial espionage and data breaches.
"If you take a look at what's already known about monitoring the public Internet, what you find is unencrypted email for decades has been entirely susceptible to in-transit copying, monitoring and surveillance," he said. "Most CIOs and most CSOs have not taken to heart the fact that it is not only possible your email will be intercepted and surveilled, it is likely. The value of encrypted communications has never before been so clearly outlined."
Still, Prism isn't going to spark "a major change in direction" at Toyota Motor Engineering and Manufacturing, North America, as the company is already "pretty high up that ladder of locking things down," said Tim Platt, vice president of information systems and information security. "Espionage is one of our larger concerns."
That said, the fallout from Prism "certainly adds weight to some of the considerations we've made in the past," he added. For example, in order to print or scan a document, employees must place their company badge on a reader, which logs the transaction, Platt said.
Toyota in general places strong emphasis on "what information is going outside of our walls, what the content of that is, and who could get at it," Platt added.
Platt also hinted at one potential benefit to CIOs resulting from the Prism revelations.
Security measures "cost money," he said. "Being able to point to the news that everybody's watching and say, 'that's what we're talking about,' that [simplifies] making business cases to executives."
The Prism scandal has shaken all of us, but perhaps mostly as individuals, according to Tony Soderlund, CIO at Salem Municipality in Sweden, which uses Google Apps.
To that end, CareFusion's Zill sees the potential for a post-Prism backlash against enterprises that use tracking tools, data mining, analytics and other technologies to profile customers, send targeted advertisements and, ultimately, sell more products and services.
"I don't want to be tracked," Zill said, citing the "digital leash" companies try to place on consumers. "It's exhausting."
In the wake of Prism, companies "should be prepared to be very clear about how they use customer and prospect information," said analyst Curt Monash of Monash Research. "This news makes the general populace antsier about privacy."
"My general approach to privacy issues is that it's inevitable that information will be passed around," Monash added. The key for enterprises is to be "responsible in its use and be seen to be responsible," he said.
(With reporting from Mikael Ricknas in London).
This pilot fish is a contractor at a military base, working on some very cool fire-control systems for tanks. But when he spots something obviously wrong during a live-fire test, he can't get the firing-range commander's attention.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Reduce federal infrastructure risk with compliance management and situational awareness
- IBM continuous monitoring and management solutions deliver real-time situational awareness to help federal agencies understand vulnerabilities, and protect the infrastructure.
- 2014 Gartner Magic Quadrant Report
- For the 7th year in a row, Riverbed is in the "Leaders" Quadrant of the 2014 Magic Quadrant for WAN Optimization Controllers. In...
- Improving Business Value of WAN Optimization
- Want to achieve faster ROI with WAN optimization? Read the latest IDC report and discover how you can cut IT costs without compromising...
- Four Little-Known Ways WAN Optimization Can Benefit Your Organization
- Read this white paper to learn how far WAN optimization has come, and how to make this most of your investments by using...
- IDC ROI Infographic
- Trends such as evolving communication patterns, connection types, applications and bandwidth can have an impact on enterprise organizations. Learn how IT organizations can... All Government IT White Papers
- Top 4 Digital Signage Fails Join RMG Networks for a look at four of the most common reasons digital signage fails in corporate businesses. Learn about strategies to...
- It's not too late...Get Your Mobile Questions Answered Live! How can IT provide seamless and secure mobile communications and collaboration for all? Join this live Webcast as IDG asks an expert panel...
- Why do you need an enterprise mobile platform? Today companies must offer great apps that run on a range of devices, and connect to an exploding set of backend data. Appcelerator...
- The Foundation You Need to Build a Better Storage Infrastructure Watch this webcast to hear how you can maximize the economics of your data center by modifying your storage footprint and power usage...
- Building Tomorrow's Data Center with Converged Technologies A number of forces are converging: the cloud, converged infrastructure, big data and fabric architectures to name a few.
- All Government IT Webcasts