It isn't the first time the CEO has kicked you between the legs but they were never quite like this one and it doesn't ease the pain that two board members are in the room when it happens just to be sure the message is clear but how could it not be after they try to make you sign those Sarbox-wannabe documents outlining how YOU were told by THEM that customer-data security has always been THEIR top concern yeah right and now it needs to be YOUR top concern and the piece-a-crap paper blathers on about the company's commitment to privacy and no stone unturned and heads will roll and our sacred obligation and the monkey's on your back and if clichés were only great technology and rigorously enforced processes then all would be well but those clichés are nothing more than diapers for these board-level jagovs who for the past 18 months have relentlessly hacked your budget and shoved IT Is Dead! articles in your face every time you asked for two nickels to keep your best people and bring in some high-powered expertise to identify and plug security holes in the supply chain that extends across five continents and 43 countries and 226 suppliers and partners while also telling you that some bozo CEO coach they golf with on weekends says that CIO now stands for Constantly Increasing Operating expenses and the only way to change that wastefulness is to bring those dogs to heel and break their spirit and show 'em who's boss and after all isn't that what that absurd We Love Privacy Soooo Much document they

want you to sign is all about because in the seven years you've been dealing with these guys you could swear this is the first time any of them ever mentioned the word c-u-s-t-o-m-e-r and now they act like they've been saying this all along except you'd never listen and in spite of their cocky and condescending attitudes you can smell their abject fear so just when you're about to tell them to shove it isn't it strange but who steps in to intercede but the CFO and that kinda surprises you because she's never been an enemy but she hasn't exactly been an unflagging supporter either but man did their heads spin when she says I don't think signing that document is a good idea for any of us and explains how in today's business world that trying to lay all blame for a data-security breach at the feet of the CIO is as pointless as trying to say that all growth and innovation and success accrues to the CIO and somebody could knock you down with a feather as you somehow get over the shock and find your voice and tell them that you and the CFO will be drafting a more-sensible policy statement of corporate responsibility that clearly outlines the corporation's overarching commitment to both security and privacy along with the various processes and policies and technologies to be deployed to create that security plus the specific individual responsibilities in that companywide effort of the CIO and the CFO and the CISO and the CMO and the CEO and yes indeed even the board members on the Audit Committee as well as the ones who are going to join your newly conceived Data Security and Privacy Committee with further breakdowns for VPs and directors and managers while in parallel the Operations Committee will immediately begin working with HR and a strong outside consultant to put together a legitimate Customer Security Guarantee with a training program for every single employee and partner to be rolled out worldwide within the next month and then the CFO further rattles the speechless wonders by telling them that they better stop treating this as some sort of high-school blame game because a recent poll of 5,000 consumers shows that 42% of online shoppers and 28% of online-banking consumers plan to change their habits because of phishing and other attacks and that a TechWeb news story reports that two U.S. senators are cranking up legislation that would include jail time for business execs and as she puts it unless you three numskulls want to trade your vertical pinstripes for some horizontal ones well she didn't say it exactly like that but that's what she meant then they'd better begin to see this as an enterprisewide initiative no less urgent than Sarbox and other compliance mandates and they better stop thinking that you the CIO can make this happen on your current shoestring budget but that since nobody gets something for nothing the two of you will draft a plan to show how a significant additional investment in processes and policies and infrastructure will also yield improvements in cycle times and information flow and of course security and legal liability and that she the CFO will this very day sign off on that promise and you three morons can take that to the bank and gentlemen this conversation is over because the CIO and I are going to lunch in the cafeteria to start getting this company back on track. And on the way what can you say but "Lunch is on me"?

Bob Evans
Editorial Director
[email protected]

To discuss this column with other readers, please visit Bob Evans's forum on the Listening Post.

To find out more about Bob Evans, please visit his page on the Listening Post.