OPINION: Disaster has struck and all big organisations should be preparing to pay the price. In the aftermath of the HM Revenue & Customs (HMRC) loss -of personal information and a subsequent flood of data security breaches, large organisations should be ready to prove that they can take care of personal information.
Anyone who thought that the HMRC disaster was a one-off could not hold that view for long as a Ministry of Defence laptop, a Marks & Spencer employee database and others have created an ever-growing list of organisations suffering a loss of important or confidential data.
The effect of this accumulation of security errors has created a growing public worry that demands a political response, and the expectation will be that the Government will now seek to involve itself more closely than ever in the business of keeping our data safe. All organisations may soon have to prove that they have maintained the appropriate standards when they use computers.
In one sense this is an extension of a trend in other fields of IT governance where the Government has stepped up regulation.
The millennium bug demonstrated that a functioning modern economy was totally dependent on its computer systems, while the collapse of multinational corporations such as Enron demonstrated that some organisations could hide their financial problems by using reporting systems that were not fit for purpose.
The political response to these problems was to enact legislation that gave powers to ministers or regulators to impose standards with respect to interoperability, governance and resilience. In this way, Government interference in an organisation's processing procedures has been firmly established as a fact of life.
Have you read these related articles?
Newsletter:
