WikiLeaks gives rise to a new “event risk” not often faced by companies—involuntary transparency, with secrets divulged using technology unimagined until recently. Protiviti’s Jim DeLoach says it’s a wake-up call for companies to understand this often overlooked and misunderstood risk — the insufficient management of data they process and store within their enterprises.
“We recommend that directors and executives seek an independent review of their organization’s data governance framework. For organizations that may already be exposed to this issue and are in a reactive mode, we recommend that they take the necessary steps to get ahead of the potential downstream scenarios and impacts and engage a qualified service provider.”
A solid data governance plan needs to be in place to address cyber threats.
“The key question, Ed, for a board member, a CEO (or) a general counsel is: ‘what type of data governance framework exists?’—the policies, procedures, internal controls, classification protocols, encryption technologies, monitoring processes, data-loss prevention procedures and other capabilities that the organization has in place.”
DeLoach says jailing the founder of WikiLeaks won’t stop the spread of similar web sites, which can move data to countries offering legal protection.