Perimeters

It falls to CSOs to vet their enterprises' relationships to make sure they add value rather than liability to the business mix

By Lew McCreary

January 01, 2004 — CSO — The famous so-called nonevent that overheated our nightmares back when the millennial clock was preparing to strike comes to mind again as we digest the conclusions of a report on what caused the electric grid to go haywire last summer. You can make a pretty good case that Y2K's retrospective status as a big disappointment, catastrophewise, owed a lot to the success of the many Paul Reveres in sounding the alarm and getting the money spent to fix what otherwise could have been a pretty big mess. (Yes, some opportunistic CIOs leveraged the Y2K FUD factor to get funding for major infrastructure upgrades that may not have been strictly necessary to achieve remediation. But, hey, it was probably money well spent, in any case.)

Among the enduring lessons we all learned back then was that seeing to one's own health was only part of the cure; in a promiscuously interconnected world, that corner-cutting slacker in your supply chain could land you and your company in sick bay. So you had to make sure the extended business family was getting its flu shots and taking other reasonable precautions against cascading infection.

There are few more tightly integrated infrastructures than the electric grid. In a largely deregulated environment, power generated in San Diego can be brokered to a utility in Tallahassee or Bangor; the task of getting it from place to place, while it might be logistically challenging, is by now routine. The guarded gates between segments of the grid are kept open to this sort of traffic. As power availability rises and falls within regions, and as demand for additional capacity ebbs and flows, adjustments are made across the board; transactions are consummated, and money is both made and saved.

But we know that individual pieces of this patchwork organism operate under independent ownerships governed by different business practices that place a higher or lower premium on this or that set of procedures or values. Sure, there are industrywide standards for what constitutes good practice, but in today's lightly regulated environment, a utility can fall short against such benchmarks without necessarily paying a penalty (until, of course, something goes wrong). This fact can be decisively important in a symbiotic arrangement of enterprises like that of the electric power industry.

Symbiosis is a circumstance that also applies in other industries, even if not quite so vividly as it does on the electric grid. Vulnerability has to be assessed in the context of those interrelationships. In the classic example of Wal-Mart, the giant retailer's supply chain partners intermingle their respective back-end information systems to create profitable efficiencies. Inspired by Wal-Mart's example, other industries have sought the same kinds of efficiencies, or have pursued other forms of opportunistic "ad hocracy"the ability to create and disband expedient alliances with casual rapidity as the climate shifts and pleasing currents come and go.

This is a world where perimeter loses its meaning as a term, where nothing can be perfectly defended, and where the industry neighborhood can be made more dangerous and less prosperous by a blighted property down the block. Of course, in a real neighborhood, the blighted properties stick out in ways they might not within an industry or supply chain. So it falls to CSOs to vet their enterprises' relationships to make sure they add value rather than liability to the business mix.

Read more about data protection in CSOonline's Data Protection section.

Other stories by Lew McCreary

• Print