But wait. In the lingo of infomercials -- there's more. There's a new danger lurking, threatening to knock you off your proverbial throne. This career killer has a name, and it's called
Researchers at the IT Leadership Academy interviewed 25 midmarket CIOs and 25 CIOs at large enterprises and determined that customer and internal data privacy is managed quite differently depending on the size of the company. Perhaps in no other area of IT are the policies, practices and mind-sets of large versus midsized organizations so divergent. And for many midmarket enterprises, privacy remains a blind spot.
While large enterprises are finally gaining traction in the crucial area of privacy, the topic rarely shows up at the top of the midmarket IT agenda. Our research shows that only 6% of midmarket companies have a chief privacy officer (versus 57% of large enterprises). Only 10% of midmarket companies have ever conducted a privacy audit, compared with 80% of large enterprises.
The type of data you store, how long you store it, how well you store it -- and most important, the degree to which you're successful in using that data -- will define the enterprise of the future. Just look at some of the public relations disasters that privacy breaches have caused at large enterprises. (They may be ahead of smaller companies when it comes to privacy protection, but the mistakes of larger companies are also more likely to become headlines.)
Earlier this year, Google Inc. was warned that it could be violating European Union privacy laws by retaining customer information for more than two years. And The TJX Cos. compromised data related to 45 million credit and debit cards in a mess estimated to cost $25 million.
In these cases, no CIO heads rolled, but there's no doubt that midsized companies have lower tolerance for such large-scale losses. When it comes to privacy, your job could be on the line.
This was first published in August 2007