It never rains but it pours. Just as bosses and boards had finally sorted out their worst accounting and compliance troubles, an

admin2020-03-31  27

问题     It never rains but it pours. Just as bosses and boards had finally sorted out their worst accounting and compliance troubles, and beefed up their feeble corporate governance, a new problem threatens to earn them—especially in America—the sort of nasty headlines that inevitably lead to heads rolling in the executive suite: data insecurity. Left, until now, to low-level IT staff to put right, and seen as a concern only of data-rich industries such as banking, telecoms and air travel, information protection is now high on the boss’s agenda in businesses of every variety.
    Such contented self-satisfaction may have been encouraged—though not justified—by the lack of legal penalty for data leakage. Until California recently passed a law, American firms did not have to tell anyone, even the victim, when data went astray. "Boards should pay as much attention to these IT operational risks as they do to other operational risks in the firm," argues George Westerman of the MIT Sloan School of Management. After all, boards have audit committees and compensation committees. It may be time for a data-protection committee, he argues. Bosses must ensure that there are effective data risk-management processes in place, be aware of their greatest vulnerabilities and promote a corporate culture that acknowledges data risks rather than hides them.
    But the problem is often a lack of understanding by senior managers not just of technology but of business processes, says Thomas Parenty, author of Digital Defense: What You Should Know About Protecting Your Company’s Assets. "No one in the organisation bothers to look at the value of what data they hold, the consequences if something bad happens to it, and the appropriate mechanisms to prevent that from happening," he says.
    So, what should a boss do? Accountancy firms and consultants are already spotting a chance to profit by conducting an independent security and privacy audit—and for many firms, their(no doubt)huge fee will probably be worth the money. The auditors inspect technology systems, data flow and the controls on access to data within an organisation and with its business partners.
    A wise boss will also appoint a senior executive to be responsible for data security—and not just to have a convenient scapegoat in the event of a leak. Diana Glassman, a data protection expert, says that a useful first step would be for the boss to write to all employees reminding them of the risks and potential cost of data leakage, and asking them, before passing data to anyone else, to question whether that person truly needs, or is entitled to, it.
According to Thomas Parenty, the key problem for bosses, as far as data loss is concerned, is that______.

选项 A、bosses don’t fully understand the technology or the business processes
B、data held by companies are rarely used
C、data held by companies can be lost without anyone knowing
D、bosses are unwilling to undergo privacy audits

答案A

解析 属细节题。第三段第一句话说:But the problem is often a lack of understanding bysenior managers not just of technology but of business processes,该句关键词是lack以及not just…but…(不仅…而且…)。这句话的意思是“问题在于高级管理者不仅对技术而且对商业程序都缺乏了解”。由此我们看出A是最合适的选项。
转载请注明原文地址:https://kaotiyun.com/show/m91Z777K
0

最新回复(0)