Study Finds Company Leaders Lack Privacy Involvement
DATA PROTECTION—U.S.June 22, 2010
A survey of 66 board members and senior executives at Fortune 100 companies by Carnegie Mellon University's CyLab exposed inadequate involvement in their organizations' privacy and security decisions, SC Magazine reports. While organizations are encouraging more cross-company communication about privacy, none of the respondents to the second "Governance of Enterprise Security" report listed improving computer and data security as a top board priority, the report states. The survey also found that 61 percent of respondents have not reviewed or approved annual privacy and security risk management budgets--an increase from 40 percent when the survey was conducted in 2008--and that they are receiving fewer security and privacy reports. The study also indicated that many organizations lack key privacy and security positions such as CISOs and CPOs.