Already besieged by invading hordes of cyberattackers and malicious hackers, CIOs are increasingly under additional assaults from what we could call "friendly fire" as mounting numbers of employees are exposing or compromising corporate security with a range of social media, unauthorized devices, and rogue cloud access.

While this two-fronted attack in some ways just marks another day in the life for CIOs—whose responsibilities include handling complex and multifaceted operations and behaviors—it represents something much more serious, I think, because it has the potential to cast CIOs in the very worst possible light during these times of high change, disruptive business processes, and a challenging global economy.

How can CIOs and other business leaders (1) embrace social media and new-fangled but unauthorized devices and cloud experiments while also (2) ensuring rigorous security that protects customer data and other vital corporate assets?

How can CIOs ride the new wave of social tools—especially those aimed specifically at business users from Salesforce.com, SAP, Jive, and others—while also reconciling all the associated potential exposure and exercising their fiduciary responsibilities to manage corporate risk?

How can CIOs find the right balance between engaging with the the latest tools while also providing increasingly rigorous security levels?

How, ultimately, can CIOs be simultaneously Joe Cool and Dr. No?

Global CIOs: A Site Just For You

Visit InformationWeek's Global CIO -- our new online community and information resource for CIOs operating in the global economy.

A new study sponsored by Cisco underscores some daunting prospects gleaned from 500 IT security professionals across the U.S., India, China, Japan, and Germany.

The study found that in more than 50% of those organizations, unsupported applications were being used, with the following among the top offenders: