The chief security officer (CSO) position has matured to the point where the title isn't particularly jarring when you see it on a business card. However, the same probably cannot be said for the chief privacy officer (CPO) job. . .
The chief security officer (CSO) position has matured to the point where the title isn't particularly jarring when you see it on a business card. However, the same probably cannot be said for the chief privacy officer (CPO) job.

Yet as companies face increasing pressure from the public to keep data protected, they are creating CPO positions. The move has both organizational and public relations value. For example, IBM Corp. got a lot of coverage in 2000 when it named Harriet Pearson CPO in order to, in the company's words, "lead initiatives across IBM that will strengthen consumer privacy protection."

Some companies may be tempted to create a position with combined security and privacy duties because the areas are undoubtedly interlinked. However, the CPO position has a different posture than the CSO job. CPOs tend to be more outward facing, while CSOs look more inward. For example, a CPO may argue against selling customer data to another company because of privacy concerns. "They function as the customer advocate within a company," said Peter H. Gregory, a consultant with the Woodinville, Wash.-based HartGregory Group.

The link for this article located at SearchSecurity is no longer available.