To derive value from new technology, new changes in economy, business environment, regulatory regimes, enterprise IT managers need to keep their eyes and ears open
A good two weeks after the Srikrishna Committee released its whitepaper outlining various issues to consider in a possible data privacy legislation in India, I tried to informally seek the opinion of delegates—CIOs, CISOs and other senior security professionals—participating in a security-themed event. Just 3-4 out of more than 30 delegates knew something about the report.
I was not exactly shocked. I was already working on a story on the digitalization journey of large Indian corporations then and was getting a strong message that if not many CIOs are leading the digitalization journey, it is not because they are devoid of any skills but many of them cannot draw on a blank canvas. They are excellent problem solvers but they expect the ‘problem’ to be defined for them. Digitalization—where ‘use cases’ is the ruling catchphrase—does not work that way.
Earlier, enterprise IT managers understood only technology; then, understood processes and corresponding metrics; now, many of them have a fairly good understanding of their own business dynamics. That is good enough to derive value from technology for ‘business as usual’ part. But to derive value from new technology, new changes in economy, business environment, regulatory regimes, they need to keep their eyes and ears open.
Unlike the Srikrishna Committee white paper, the new national digital communication policy is a full-fledged policy document. Despite its positioning as the latest update to the country’s telecom policy, it is not a mere sectoral policy draft—partly because communication itself has broadened its scope and partly because the government has chosen to include certain policy positions—such as data privacy itself—within this policy draft.
Yet, the awareness about its provisions is also low among the community. All that we do in this issue is to highlight the important points within the draft that have direct and indirect implications for IT and security managers. To that extent, it is not even a story.
But carrying it on cover is also our way of reiterating that environmental changes are as important as changes in an organization or a particular industry in what has already become an outside-in regime.