Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

10 IT agenda items for the first US CIO

Obama's appointment of Vivek Kundra marks an important first step for rectifying the nation's concerns about IT
Page:

Last week, US President Barack Obama made good on his promise to appoint a national tech leader for the United States. As the country's first-ever CIO, Vivek Kundra faces significant challenges modernizing the nation's IT infrastructure and will be charged to do so at a time when self-interests and a lack of industry oversight threaten not only our freedoms and privacy but also the long-term innovation potential of IT.

And though the former CTO of the District of Columbia's new job description errs on the side of IT management rather than US tech policy, the move toward a national CIO -- and, likely, a national CTO -- lends hope that the government will provide much-needed oversight to an industry that has fast been infused into nearly every aspect of our lives.

After all, governance has proved essential to safeguarding a variety of long-standing industries from corporate malfeasance. And creating a post designed to oversee government-wide technical initiatives may be the first step toward getting the United States back on track in a number of tech areas faltering due to corporate neglect.

Here are 10 agenda items many of us in IT would like to see the first-ever US CIO address.

Agenda item No. 1: Mandatory restitution for customer data leaks

Companies that damage the public trust by dumping chemicals in streams or by illegally disposing waste pay fines. But those that breach the public trust due to data mishaps face little in the way of restitution. This must change.

The scenario is familiar: Banks cancel debit and credit cards abruptly, issuing new cards and account numbers with little explanation. Such is the fallout of data breaches and incidents wherein accounting records are "lost." Too often the card-issuing banks fail to divulge the name of the company responsible for that data leak; they simply cancel and reissue cards, leaving unwitting customers to clean up the mess.

Although IT has been saddled with a legal duty to secure sensitive data and to notify the public in the event of a data breach, this type of corporate negligence goes largely unpunished. If more stringent mandates were put in place to actually hold companies liable for their own security breaches, customers would see better care taken with their identities.

Offending companies at the very least should pay every bank and account holder for the cost of canceling and reissuing credit and debit cards due to negligent data practices. Restitution should also include payment for the time required to fix the fallout of their negligence. Add a fine of $10 per record, and you will certainly see a drop in breaches that expose millions of customers' account data at a time -- or at least more diligence in protecting those records.

It is well past time to get serious about citizens' sensitive data.

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Bill, BlackBerry, Cisco, Citizen, Comcast, Cornerstone, FCC, IBM, ICC, INS, Leader, Leader Computers, Macs, Microsoft, OSHA, Promise, Speed, Verizon, VIA
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Barack Obama, broadband, CIO role, data breach, e-voting, fcc, medical records, spam
Latest Blog Posts
Whitepapers
  • Enabling Agile and Intelligent Businesses
    In the last 3 to 5 years there has been widespread adoption of SOA with businesses making significant economic investments in service-enabling their IT systems. Looking to enable your business for efficient IT execution? Read this white paper now.
    Learn more »
  • SOA and Business Processes: Making the Connection
    Service-Oriented Architecture (SOA) is also complex, and one of its main characteristics is that an SOA system is comprised of multiple applications that are combined to accomplish critical business processes. Discussions of SOA can quickly grow so complex that the system’s main benefits to an organization are difficult to fully understand. This article discusses SOA Suite 11g, a family of products that take SOA to a new level and correct some of the problems caused by the very combination of components and multiplication of languages that make SOA a flexible, agile system.
    Learn more »
  • 10 Things Your Next Firewall Must Do
    While the next-generation firewall (NGFW) is well defined by Gartner as something new, enterprisefocused, and distinct, many network security vendors are claiming NGFW is a subset of other functions (e.g. UTM or IPS). Most traditional network security vendors are attempting to provide application visibility and control by using a limited number of application signatures supported in their IPS or other external database. But underneath, these capabilities are poorly integrated and their products are still based on legacy port-blocking technology, not NGFW technology. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments

HP and IDG news, product videos and resources