In today’s companies the sphere of influence of CIOs is dramatically increasing vis-a-vis other C-Suite executives. This point was nicely made in a blog I read earlier this morning entitled CIO’s Seven Points of Key Influences that was written by Pearl Zhu. I believe that influence is even broader and also includes influence over legal issues as well.
Pearl’s post discusses the seven points of CIO’s influences: Strategy, Innovation, Technology, Culture, Talent, Sustainability, and Influencer. In fact, Pearl appropriately describes the CIO as being the Chief Influence Officer:
“Chief influence officer is the most persistent persona for CIO in 21st century, since the technology is ubiquitous in information age, however, the traditional big-box hardware style of IT infrastructure is disappearing, and more invisible digitized IT backbone based on Cloud computing is emerging, modern CIO is no longer just a chief infrastructure officer to manage back-office of functional IT, the strategic role is more based on the influence made across the organizational boundary, from innovation to sustainability, from talent management to cultural transformation.”
I agree! I would encourage you to read her blog as her arguments are convincing. But, I would also add an eighth:
Few would disagree that data breach has been one of the leading news stories of the year. This is not going to change any time soon as we continue to learn about more and more data breaches on a daily basis. When a company is hit with a data breach, it can cause catastrophic harm to the company’s bottom line in many ways because of the legal implications associated with the breach, whether it be an internal breach or the more notorious external hacking.
These events can be so substantial that they can threaten the very life of the company. Who other than the CIO is best equipped to understand the technical and practical side of these issues? Just consider the follow issues, which are becoming more and more common issues that companies need to address in the Information Age:
Securing the network from outside intrusion;
Determining appropriate insurance coverage to protect against data breach and privacy risk;
Developing appropriate policies for computer access and use;
Integrating technological restrictions on access to certain information;
Developing and implementing systems for monitoring or, at least, recording certain activities on the computer network; and
Securing and preserving reliable information for investigators concerning what information is compromised and, when possible, securing all available data to potentially track the intruder.
These are just a few of the issues that I thought of based upon recent “real world” events — I am sure you can think of many more. Come on, help me out here — tell me in the comments what other legal issues you can think of!
Oh, and there is one more — one that is particularly important: Last, but not least, the CIO can a great help in finding great outside legal counsel to assist with handling all of these issues!
Shawn Tuma is an attorney who is internationally recognized in cybersecurity, computer fraud and data privacy law, areas in which he has practiced for nearly two decades. He is a Partner at Spencer Fane, LLP where he regularly serves as outside cybersecurity and privacy counsel to a wide range of companies from small to midsized businesses to Fortune 100 enterprises. You can reach Shawn by telephone at 972.324.0317 or email him at firstname.lastname@example.org.
View all posts by Shawn E. Tuma