Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

10 IT agenda items for the first US CIO

Obama's appointment of Vivek Kundra marks an important first step for rectifying the nation's concerns about IT
Page:

Last week, US President Barack Obama made good on his promise to appoint a national tech leader for the United States. As the country's first-ever CIO, Vivek Kundra faces significant challenges modernizing the nation's IT infrastructure and will be charged to do so at a time when self-interests and a lack of industry oversight threaten not only our freedoms and privacy but also the long-term innovation potential of IT.

And though the former CTO of the District of Columbia's new job description errs on the side of IT management rather than US tech policy, the move toward a national CIO -- and, likely, a national CTO -- lends hope that the government will provide much-needed oversight to an industry that has fast been infused into nearly every aspect of our lives.

After all, governance has proved essential to safeguarding a variety of long-standing industries from corporate malfeasance. And creating a post designed to oversee government-wide technical initiatives may be the first step toward getting the United States back on track in a number of tech areas faltering due to corporate neglect.

Here are 10 agenda items many of us in IT would like to see the first-ever US CIO address.

Agenda item No. 1: Mandatory restitution for customer data leaks

Companies that damage the public trust by dumping chemicals in streams or by illegally disposing waste pay fines. But those that breach the public trust due to data mishaps face little in the way of restitution. This must change.

The scenario is familiar: Banks cancel debit and credit cards abruptly, issuing new cards and account numbers with little explanation. Such is the fallout of data breaches and incidents wherein accounting records are "lost." Too often the card-issuing banks fail to divulge the name of the company responsible for that data leak; they simply cancel and reissue cards, leaving unwitting customers to clean up the mess.

Although IT has been saddled with a legal duty to secure sensitive data and to notify the public in the event of a data breach, this type of corporate negligence goes largely unpunished. If more stringent mandates were put in place to actually hold companies liable for their own security breaches, customers would see better care taken with their identities.

Offending companies at the very least should pay every bank and account holder for the cost of canceling and reissuing credit and debit cards due to negligent data practices. Restitution should also include payment for the time required to fix the fallout of their negligence. Add a fine of $10 per record, and you will certainly see a drop in breaches that expose millions of customers' account data at a time -- or at least more diligence in protecting those records.

It is well past time to get serious about citizens' sensitive data.

Page:

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Bill, BlackBerry, Cisco, Citizen, Comcast, Cornerstone, FCC, IBM, ICC, INS, Leader, Leader Computers, Macs, Microsoft, OSHA, Promise, Speed, Verizon, VIA
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Barack Obama, broadband, CIO role, data breach, e-voting, fcc, medical records, spam
Latest Blog Posts
Whitepapers
  • High Availability with Oracle Database 11g Release 2
    In this paper, we review the common causes of application downtime and discuss how technologies available in the Oracle Database can help avoid costly downtime and enable rapid recovery from unplanned failures and also minimize impact from planned outages. We also highlight new technologies introduced in Oracle Database 11g Release 2 that enable businesses to make their IT infrastructure even more robust and fault tolerant, maximize their return on investment on high availability infrastructure, and provide better quality of service to users.
    Learn more »
  • Consolidation Without Compromise
    Virtualisation of computer, storage and infrastructure is enabling the transformation of enterprise datacentres into private clouds. The impact is an unprecedented ability to consolidate infrastructure without compromise: no change to service level agreements (SLAs), no loss of performance or scale, and no regression in the organisation’s overall security posture. Read on.
    Learn more »
  • Fixing Your Dropbox Problem - How the Right Data Protection Strategy Can Help
    It’s estimated that more than 50 million people have used public cloud storage services such as Dropbox to share and exchange files. Public cloud services are so easy to use that their openness can undermine existing IT policies regarding the transmission of confidential data. With data volumes threatening to overwhelm onsite storage, IT managers are looking to find a solution that’s affordable and secure. This paper details a simple three-step approach to helping users manage access to the public cloud without placing your data or your business at risk. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments