"The action and manifestation of risk is not necessarily evident to today's users in the way it was in the past, and that creates a big inherent challenge for a CISO," says Malcolm Harkins, CISO at Intel Corp.
Social media, mobility and cloud computing are new areas of risk for organizations, and risk managers need to go back to the fundamentals of understanding the information they are protecting, says Robert Stroud, ISACA's international vice president.
The use of social media raises risk management issues, and education is the key to overcoming the common misperception that "you can say anything you want on social media and not have any consequences," says compliance specialist Roy Snell.
More than just Facebook friends, today's Chief Information Security Officer needs to connect and collaborate with key corporate allies who can influence the enterprise risk and security practices within any organization.
From Facebook to Twitter, the new era of business communication and collaboration requires involvement of senior leaders to guide an organization's social media strategy and engagement. It's a big role, and it comes with significant responsibilities.
Once a CEO understands the value and risks catered through mobile functionality, it is easier to discuss mobile innovations, policy and how the company can then strike a balance to meet customer and employee requirements.
What if, while searching the Internet, you come across a Facebook profile of one of your employees, including inappropriate pictures and personal remarks on the supervisor? What does this mean to you as an employer? And what can you do about it?