On May, 13th, 2008, I had the opportunity to introduce for the first time in Spain, as a novelty, what just some twenty days after would become the first -and, could be said, almost the last up today- international standard dealing with BoD’s accountability for the use of technology in their organizations.
[ISO 38500 was released, in its first edition, on early June, 2008]
I recall that after my speech, and given the ‘overseer’ role the new standard was going to assign to directors, one attendant asked me: “And who is going to ‘oversee’ the ‘overseer’?”.
I also remember that during my answer I advocated for giving a certain margin of trust to regulators.
Today, eight years later, these same regulators seem to keep interested -I hope that even more than in 2008- in making companies accountable for the [negative] consequences of the use of technology. More precisely, BAD use.
Current cyberspace’s strategic interest and, particularly, that of the critical information infrastructures that populate it, can be, as a relevant cause, behind regulators’ concern about how businesses adopt counter-measures to avoid, or to minimize, the effects of any cyber incident. Among these measures, ‘counter-hacking’ seems to be gaining relevance; or, at least, it seems to be matter of debate.
Dissemination and awareness improvement could be taken into account, too, as part of the above mentioned counter-measures: CCI has released a series of sound recommendations to face the effects of certain high-impact threats on industrial automation and control systems. ISA, via its Spain’s Section, has released a new guide explaining some of the technologies that integrate those control systems.
Deepen these and other topics in our weekly "Newsletter". Subscribe here and enjoy reading!