Informational risk management has never been more challenging than it is today, and that is unlikely to change in the foreseeable future. Organizations continue migrating toward cloud-based storage and platforms. They uproot legacy IT infrastructure while deploying specialized Enterprise Resource Management (ERP) systems. They build out business analytics functions that blur distinctions between data they generate, license, use, and leave behind. They adopt special-purpose communications tools to optimize for security or transience.
Changes like these create ripple effects of unpredictable complexity. The distributed and specialized nature of cloud-based data solutions, for example, makes straightforward-seeming questions about how to define a data unit, where data is located and what constitutes “use,” almost metaphysical. This complicates traditional interpretations of legal issues like jurisdiction and how to apply guidance around retention, security, interoperability and use.
