Information Technology

Exploring the opportunities and challenges presented by data protection for today’s CEOs

By Ian West, Director of Digital Information Services at Project One and member of the GDPR Institut's Advisory Committee
Information Technology
Published: 28 June 2018

Customers leaving in droves, tumbling share prices, major investors pulling out and a loss of shareholder confidence. Facebook has had a tough start to 2018 and opened Pandora’s Box of customer data, raising questions about the way in which businesses approach data protection.

As one of the most powerful brands in the world, Facebook had the opportunity to lead by example, to show other companies the right way to approach privacy and respect their user’s data. Unfortunately, as recent events have shown, Facebook chose not to and is now mired in a scandal, the effect of which has caused ripples across the world. The trust that consumers placed in companies, when sharing their personal information and data, has been broken, and with EU data protection regulations being overhauled with the implementation of GDPR, businesses need leaders who can navigate these uncharted territories.

Here, I explore the opportunities and challenges for CEOs in managing how their organisations deal with data and why; rather than being regarded as a burden, data should be regarded as a strategic asset.

Why should CEOs care about data?
The role of the CEO is to be their customers’ champion and to ensure that the service their business offers lives up to the brand promise and values. After all, what is a business without its customers?

Facebook’s success is built on data, but the approach taken by CEO Mark Zuckerberg demonstrated a lack of commitment to protecting this precious resource, and to addressing the scandal that surrounded Cambridge Analytica’s use of data. The reality is that protecting data and ensuring compliance with information regulations can be complicated. Unfortunately, this means in some cases, businesses would rather take the decision to ignore it, than invest in putting a robust strategy in place to manage data safely and effectively. The problem is that in the event of a security breach or misuse of data, the repercussions are wide-reaching and, in the majority of cases, can cause irreparable damage to the reputation of a business and its leadership team.

Look at TalkTalk for example. A cyber-attack in October 2015 led to the personal information of over 150,000 customers, including sensitive financial data, being accessed by hackers. TalkTalk had failed to take basic steps to implement cyber security measures and protect their customers’ data. The result? The company was hit with a record £400,000 fine from the Information Commissioner’s Office. Dido Harding, the CEO at the time, addressed the situation head on in a BBC Newsnight interview within 24 hours of the attack. Unlike some other companies, TalkTalk chose to be open and honest about what had happened, acknowledging the responsibility to look after their customers and warning them about the risks of their data being compromised.

Ultimately, if a CEO fails to protect their business against a data breach, they are likely to be held accountable for a loss of customer confidence and falling share prices. They will also have to deal with press criticism, the stress of managing a drop in revenue and profits, and, at the end of it all, when the damage limitation is done, they will inevitably face pressure to step down. This is why CEOs should care about data.

Having been called to provide a testimony before the United States Senate Committee on Commerce, Science, and Transportation, Mark Zuckerberg is a high-profile example of how CEOs are being held responsible for data and how it is handled. Having declined the invitation to appear before UK MPs and failing to address the situation head on, Mark Zuckerberg missed the opportunity to reassure customers and shareholders alike, by demonstrating his commitment to protecting data and finding a safer, more secure way forward.

To futureproof the success of their business, CEOs will need to eat, sleep and breathe data, otherwise, customers will simply go elsewhere – not to mention the hefty fines that can be imposed under the new GDPR regulations. Data is integral to business success. To put it simply, a CEO should care about data the way a Chief Financial Officer cares about cash.

The challenge is that data is often seen as a ‘hot potato’ problem and responsibility is often passed between different departments, without any internal infrastructure or cohesive strategy to funnel it through the business. In the wake of the Facebook and Cambridge Analytica scandal and the implementation of GDPR, CEOs will now be required to take ownership of the data handling process within their company, or risk facing the consequences.

So now we’ve set the scene, how can CEOs embrace data with the care and attention it deserves and what rewards can they expect to reap?

Bridging the generational gap
Over the last decade, the customer journey has been transformed by digital and technological developments and, as a result, businesses have had to adapt to the monumental shift in consumer attitudes and behaviours. The millennial generation demands a digital offering that puts information, and with it, security, at the centre of its operations. By driving a more digital, data driven approach, CEOs can align their businesses with the needs of the millennial generation and future proof their customer base.

However, the reality is that many of today’s CEOs grew up in an era when consumers did not have the freedom of choice available that the internet and e-commerce now allows. Younger generations who grew up with the internet and understand the value of data in the digital landscape, are the driving force behind changing and modernising the role of the CEO when it comes to information and data. It’s up to today’s CEOs to steer their organisations through the complexity and challenges that data protection can present, and restore consumer’s trust in how businesses, big and small, manage their personal information.

Looking ahead
Data is fast becoming a critical metric for business success and, as such, CEOs must take responsibility for ensuring that their business keeps up with the rapidly evolving digital marketplace. While for some this may seem like a daunting prospect, there are some inspiring examples of businesses who are getting it right. Amazon, Google, Intel, GE and Mercedes Benz represent a selection of the companies who are future-proofing their success by making data a priority and finding intelligent, compliant ways to use it as an asset.

Project One developed its Digital Information Service, to help businesses achieve their digital goals, and manage the psychological shift from seeing data as problematic to a valuable strategic asset. Thus enabling them to embrace the opportunities and challenges that safe, secure and responsible data management presents.

Ultimately, the role of the CEO is to put their customers first. In the digital world, this role must now also encompass data, and respecting the information that customers entrust to a business. CEOs have the opportunity to lead by example and ensure that their business is data compliant, treating their customer’s data with the respect it deserves.

Clearly communicating the responsibilities of each department, from sales and marketing to HR and finance, is one way in which CEOs can lay the foundations for a robust data strategy and encourage ownership across the business. By treating data as a strategic asset, CEOs can transform how their businesses operate in order to develop and maintain a strong competitive advantage, delivering the level of service expected in a digital world.

About the author
Director of Digital Information Services at Project One, Ian has 30 years’ experience in the Analytics, Information Management, Data Governance, Privacy & Security markets, from the earliest generations of Enterprise Information Systems, to current expertise in every aspect of the increasingly complex and ever-changing Information market.

He has worked with clients from all industry sectors at a UK, European and Global level and is a regular contributor as a subject matter expert at UK and European conferences on topics including Analytics, Information Governance and Compliance, Data Quality, Information Lifecycle Management, Master Data Management, Data Monetisation and Process Optimisation, Business Intelligence, Data Warehousing, Big Data and increasingly on all matters Digital Information Transformation. Ian is also a member of the GDPR Institut’s Advisory Committee.

https://www.linkedin.com/in/ianwest1/