In Ancient times people understood privacy. They even took the concept to a spiritual level. The Romans had a god called Angerona. By all accounts she was the goddess of secrecy and silence. She was represented as a woman with her mouth bound and sealed up with a bandaged finger to her lips commanding silence. In those days as in modern times secrets and information were more valuable than money.
Information was tangible before it became electronic. It was a file marked top secret, it was contained within a safety deposit box that required a key. People could get their head around the concept and could be brought easily to the appreciation of its importance. It was natural that the Romans would then underpin their Information Security programme with a deity that would keep the god fearing people of Rome aware of security at all times.
Electronic information suffers from the “out of sight, out of mind” syndrome which combined with the prevalence of “someone else’s problem” creates a significant awareness vacuum within management and staff. Today’s organisations are completely dependent on secure robust information systems. However, we have to find a way to make information protection more tangible to our users. The Government and industry Regulators are beginning to do their bit through fines and sanctions. There is nothing like the sight of a CEO defending a data breach to the media to ensure that the compliance and security departments are provided with the right level of budget.
In a complex world the option of simply setting up a deity to information security won’t fly. What a pity, because the alternative is to do it the hard way over a long period of time. Changing people’s perceptions of the threat through education, communication and when necessary enforcement. Secrecy and the protection of information have been around for a long time. Its just time we matured our approach to its new forms.