2. The two hottest issues in IG (and beyond) are Big Data and Security, both for money reasons. As panelist Alison North stated, corporations are trying to monetize every last bit of data for profit, competitive advantage, and cost-justification of their huge IT investment. Similarly, the cost of security breaches is so high – and goes beyond money – that many businesses and governments are pouring resources into prevention of data theft, denials of service, etc.
Of course records management through IG plays a major role here. Applying a retention schedule and legal holds to Big Data is the antidote to mega-storage and legal risk. Most Big Data has a short shelf life, and defensible disposal is a key component. So here’s one for RIM.
The numbers tell the story for Security as well. Experts such as panelist Andre McGregor, FBI Special Agent for Cyber-security in New York, agree that there is no sure defense against system intrusions by “bad guys”. However, the value of the target can be minimized through appropriate records retention and disposal. A smaller target may have lesser value, should a security breach occur. But IG has other contributions to make, including enlightened policies.
3. Interestingly, there was consensus that the weakest link in cyber-security is human behavior. Two strategies combat that. One, of course, is education/change management. Changing behavior is difficult and imperfect, but helpful. The second is automation, that is, taking the human factor out of the equation. Even the best-trained staff members make mistakes, and automation should help lower the errors. However, automation has been known to be vulnerable as well, so pick your poison. There is no sure antidote to cyber-security toxins. One way to mitigate the exposure and possible damage is through an effective IG program that reduces risk and softens the blow, whenever it comes.