The data snooping debate has quietened down a little recently, even if Edward Snowden’s name still crops up here and there. Whether or not the revelations about intelligence activities have changed much in terms of governmental attitude and behaviour remains to be seen. Pressure can still be applied to Internet, cloud and telecommunications service providers to provide data about users, and the only safe data encryption may be the one you do yourself. Indeed, increasingly large quantities of information are generated every day and are available for analysis by government agencies. But who decides what to do with all the data?
Snowden’s revelations about America’s NSA included a wide range of monitoring and espionage activities covering many countries. Snowden also described the ‘Five Eyes’ intelligence alliance between Australia, Canada, New Zealand, the UK and the USA as ‘a supra-national intelligence organisation that doesn’t answer to the laws of its own countries’. Who really drives the decisions and applies the conclusions derived from these intelligence activities is a mystery. Yet the danger of a lack of control or coordination may be just as great a concern.
There may be a lesson in all of this for organisations that are planning their own business continuity and resilience. Market intelligence gathering is often an essential part of corporate survival, and for reasons of business confidentiality business continuity plans cannot always be divulged openly. But however secretive an enterprise is about measures to ensure resilience, one person or one entity must be identified as the point of coordination for business continuity in general – in other words, be the pilot in the business continuity plane. This should ensure that all departments apply business continuity effectively and completely, without leaving vulnerabilities to be exploited or allowing rogue business continuity activities to perturb overall profitability and productivity.