Do You Have A Cyberconscience?

See the new issue of Briefings magazine, available at newsstands and online.

Personally, I would never get a wink of sleep from this moment on. Who hasn’t written something in an e-mail they’d rather not have disclosed to the whole wide world? In business, it’s crazy to think of the possibilities, not only in terms of embarrassing disclosures but the corporate information competitors would love to have.

And yet, don’t kid yourself, C-suite champions. The kinds of disclosures that WikiLeaks made during the presidential campaign last year—snared directly
from e-mail accounts—could definitely creep more into the business sector. Indeed, you may remember that hackers last year broke into two social media accounts of no less a tech genius than Mark Zuckerberg. Think fast: If you’re a corporate leader, is there anything you wrote electronically that you now regret, that shouldn’t be disclosed for one reason or another?

Apparently, not all companies have quite sounded the alarm. As our own website (kornferry­institute.com) reported recently, sure, many firms have put digital safety protocols in place, but most haven’t made full-scale upgrades in how they communicate internally. “I’m not sure that we’ve reached a tipping point yet,” Scott Shackelford, an associate professor of business law and ethics at Indiana University’s Kelley School of Business, told us.

But it seems almost absurd not to get ahead of today’s new realities. Obviously, assuring Internet safety is a full-time job for CIOs today, so it’s great to see companies issuing internal warnings against using public Wi-Fi or hotel devices while discussing sensitive materials. Relying more on encrypted messages or VPN helps too. And then there’s the basic reminders, like don’t reuse passwords, which turned out to be Zuckerberg’s cardinal sin. (For those awaiting the answer to show up on “Jeopardy” someday, the answer is “dadada.”)

But to some degree, relying on technology to make sure technology doesn’t burn you is missing the point, since no security system is foolproof. Companies need to look at their digital chat both backwards and forwards. “It’s really going to mean a wholesale review of what types of communications should be made and through what channels,” says my colleague Richard Marshall, global managing director of Korn Ferry’s Corporate Affairs practice.

What that means, among many steps, is assessing what some hacker might find worth disclosing from the past, including pesky but potentially damaging lawsuits or employee disciplinary actions, then preparing the proper public response for worst-case scenarios. By itself, this type of historical review could well be pretty exhaustive and may require some frank internal disclosures that could result in some CEOs deciding on having greater transparency.

Moving forward, there is the real possibility of limiting what C-suite folks should put in e-mails, what type of language is acceptable and whether we need, as our own new president suggested, to discuss truly sensitive material only face to face or by phone. Or at least require the pulp-only approach to recording some information that shouldn’t last in cyberspace forever.

All of which is to say it’s a rough but necessary review. And yet, I’d like to think that today’s new sphere of prying eyes has one plus side: It creates a sort of cyberconscience. After all, what corporate leader doesn’t now know that even a rude or impatient e-mail to an employee could come back to tarnish a well-burnished reputation? And as the top of the organization learns to take more deep breaths before hitting the “send” button, so too may hotheaded digital behavior improve throughout the company.

So … hurry up and get to work!