Tagged: cybersecurity

Announcing The Information Governance Initiative

Three years ago, I sat down in a conference room in Washington, D.C with some really smart people and we quickly realized that we shared a vision for a consortium and think tank devoted to advancing Information Governance. Each of us had seen the incredible value that better information governance could create for their respective clients, but had also witnessed the consequences of information failure first-hand. Without a way for IG practitioners to share their experience across disciplines, it seemed unlikely that the promise of information governance would be fulfilled. Today, thanks to the support of like-minded individuals and organizations, this vision has been realized.

I am so pleased to announce the launch of the Information Governance Initiative (IGI), a cross-disciplinary consortium and think tank focused on advancing information governance. The IGI will publish research, benchmarking surveys, and guidance for practitioners on its website at www.IGInitiative.com. The research will be freely available, and the group will also be providing an online community designed to foster discussion and networking among practitioners.

I am founder and executive director, and it would be great if you would join us.

Our Mission

I believe information can be a positive transformative force in the world – improving business, government, and the lives of people in all walks of life. But I also believe that these benefits are not automatic, and in fact will only be the result of sustained, proactive efforts to understand and manage information in a better way. I believe that there is a need for like-minded people to come together and find this better way. A forum for ideas, facts, and techniques. An initiative that pushes the market forward and builds information literacy.

That’s why we created the Information Governance Initiative – and why we want you to be a part of it.

Who We Are

I founded the IGI along with Bennett B. Borden. I am the executive director, Bennett is the organization’s chair, and Jason R. Baron is co-chair. Jay Brudz is general counsel.

The IGI Advisory Board is comprised of members drawn from the disciplines that own the facets of information governance including information security, data science and analytics, e-discovery, business management, IT management, compliance, business intelligence, records management, finance and audit, privacy, and risk management. We are also developing a Corporate Council comprised of practitioners working in IG. Contact us if you are interested in participating in the Corporate Council.

At launch, IGI Advisory Board members include Courtney Ingraffia Barton, senior counsel, global privacy at Hilton Worldwide, Inc.; Julie Colgan, president of ARMA International; Leigh Isaacs, VP of the information governance Peer Group at ILTA; and Richard Stiennon, chief research analyst at IT-Harvest and well-known cybersecurity expert. Additional board members are being added on an ongoing basis.

Our Supporters

The IGI is launching with broad support from leading providers of information governance products and services, including:

We are also partnering with a variety of organizations to bring IG stakeholders from different disciplines together to work on the information governance problem. For example, we have partnered with The CFO Alliance, a community of over 4,000 senior finance professionals, to bring the IG conversation to the finance community. ARMA International has appointed a representative to the IGI Advisory Board, and the two organizations plan on working together to advance the adoption of information governance. In addition, the IGI will be presenting several sessions on information governance at the Managing Electronic Records conference in Chicago, May 19-21, 2014.

Get Involved in the IGI

Members of the leadership team are speaking about information governance at nine different sessions during the LegalTech NY 2014 conference between February 4-6th. If you are there, come see us and also visit our Charter Supporters in the exhibit halls.

Learn how you can get involved in the IGI at, www.IGInitiative.com

I also invite organizations interested in supporting the advancement of Information Governance to contact me at 646 450 4468 or barclay.blair@IGIniative.com.

Social Media in the Military: What Can It Teach Us?

I recently spoke with a Department of Defense contact about the internal battle currently being waged at DoD over the use of social networking. Sites like FaceBook have become a critical way for warfighters to stay in touch with friends and family, but of course the only way for soldiers to use such services in many theaters (including Afghanistan and Iraq) is through networks provided by their employers. And, some of their employers are not fans of FaceBook.

The battle he described (and as described in published reports – I’m not revealing anything secret here) sounds like the same battle occurring inside corporate America. The “old guard” takes a hard line, saying “we’re fighting a g*damned war here, these kids don’t need to be on the Internet,” and the “new guard” says, “hey this is the new reality, suck it up” (it seems like the Chairman of the Joint Chiefs of Staff is part of the new guard). Both are right, in their own way, which is why the middle ground must be fought for.

After all, here are the facts:

  1. Most organizations ask a lot of employees, i.e., working long hours, traveling for business, and being constantly available.
  2. Employees need to have personal lives, or they will no longer be our employees (or at least, not happy, productive ones-especially millennials).
  3. Communication with friends and family is essential to having a personal life.
  4. We don’t block all non-work telephone calls, or (in most cases) prevent our employees from having personal cellphones.
  5. Yesterday’s telephone is today’s social networking tool.

BUT

  1. Organizations are generally liable for their employee’s use or misuse of their assets, i.e., everything from company cars to the company’s computer networks.
  2. This liability and risk extends to information technology, including social networks.
  3. If we allow social networking tools, we must identify and manage that risk.
  4. Social networking tools ARE different than the telephone, in that all communications are inherently recorded. So, we have to deal with this recorded information.

The worst of all  worlds is that we turn a blind eye to social networking and allow employees to do whatever they want. One the one hand, this fails to maximize the potential benefit of the technology by not encouraging and facilitating its use, and on the other hand, buys all the liability and risk.

There are only two options.

One, don’t use it at all. Ban it, control it, shut it down.

Two, legitimize its use through policies, training, and technical controls to minimize the downside, and then encourage and incorporate its use to maximize its benefit.

Apathy is no excuse, and hope is not a strategy. Get on top of it today. Hmmn, how many more clichés can I leave you with?

UPDATE: The DoD has releases a policy regarding secure use of social media. Excellent coverage here.

Speaking Engagement: Cybersecurity

There’s a symbiotic relationship between information governance and information security. Both focus on controlling information – perhaps for different tactical reasons, but strategically the goal is the same. I’ll be talking about this at a half-day seminar put on by Raytheon Oakley in Falls Church, Virginia on January 27, 2010.

Click here for more information and to register.