As more employees blatantly flout IT policies, CIOs are getting crushed between security mandates and social's unstoppable momentum.
Already besieged by invading hordes of cyberattackers and malicious hackers, CIOs are increasingly under additional assault from what we could call "friendly fire," as mounting numbers of employees expose or compromise corporate security through social media, unauthorized devices, and rogue cloud access.
While this two-fronted attack in some ways just marks another day in the life for CIOs—whose responsibilities include handling complex and multifaceted operations and behaviors—it represents something much more serious, I think, because it has the potential to cast CIOs in the very worst possible light during these times of high change, disruptive business processes, and a challenging global economy.
How can CIOs and other business leaders (1) embrace social media and new-fangled but unauthorized devices and cloud experiments while also (2) ensuring rigorous security that protects customer data and other vital corporate assets?
How can CIOs ride the new wave of social tools—especially those aimed specifically at business users from Salesforce.com, SAP, Jive, and others—while also reconciling all the associated potential exposure and exercising their fiduciary responsibilities to manage corporate risk?
How can CIOs find the right balance between engaging with the latest tools and providing increasingly rigorous security levels?
How, ultimately, can CIOs be simultaneously Joe Cool and Dr. No?