Content area
Full text
I recently helped my son build his first pine wood derby car. He took second place out of a field of ~60 cars. The secret of taking a block of wood, four nails and cheap plastic wheels is reducing all forms of friction that the car can face and moving the balance to the right parts of the car.
One of the dads realized this fact a bit late in the process and asked a fellow dad if he happened to have any graphite (a carbon-based lubricant) with him. The response was “of course I do, I carry it on me at all times…right next to my Chapstick!”
"Friction" in a human and organizational sense is defined as “conflict or animosity caused by a clash of wills, temperaments or opinions.”
The average employee not working in a security/privacy/legal role may hear the terms “privacy,” “security” and "IP/privacy legal" and think they are variations of the same focus and desired outcomes. For example, defending a company against the theft of intellectual property and confidential information would intuitively have some overlap to protecting personal information. With that shared goal, everyone should work seamlessly well together, right?
The answer, all too often, is a hesitant and unfortunate “no.”
Many companies experience friction, silos and turf wars between security, privacy and legal departments. Friction creates drag. Drag slows progress. Lack of progress reduces a company’s ability to successfully manage collective risks.
Tim Sewell (CTO/Co-founder of Reveal Risk) and I were reflecting on personal experiences and observations of these issues across different companies, and decided to analyze what was going on so we could help colleagues and clients create win:win:win outcomes between these functions. Our usual approaches to further research this seemingly common problem turned up virtually no articles or blog posts on the topic. We suspected the root causes and potential solutions were likely hidden amongst people/politics, culture, fear and legacy thinking.
Not to be deterred and wanting to get to the root of the issue, I went to my network to enlist respected experts and crowdsource contributions to the analysis and solutions. I am grateful to have had over 15 volunteers raise their virtual hands to contribute. In a testament to the complexity of these issues, many asked...