Blog: Facebook Data Exposure Offers Critical Lesson for Internal Auditors

In his blog, IIA President and CEO Richard Chambers, CIA, QIAL, CGAP, CCSA, CRMA, shares his personal reflections and insights on the internal audit profession. Here’s an excerpt from his latest post:

Facebook, once the social media darling that could do no wrong in the eyes of users and investors, was hit with another setback recently. Researchers at a cybersecurity firm discovered Facebook user information readily available on cloud computing servers run by Amazon.com.

The revelation comes about a year after Facebook was pilloried for the Cambridge Analytica scandal, where an app developer shared data on millions of Facebook users with a political consulting firm. Despite assurances from Facebook CEO Mark Zuckerberg that the company would do more to protect user data, lapses such as the one involving Amazon continue to come to light.

From an internal audit perspective, Facebook’s woes offer a clear and compelling lesson: Data, once viewed solely as an asset to be leveraged, now must be viewed as a potential liability or risk, as well. Demand is growing for greater protection of data, or more precisely, protecting the personal identifiable information that makes such information a treasure trove for marketers, retailers, political campaigns, and others who want to influence what the public thinks and does.

Read the full InternalAuditor.org blog post from IIA President and CEO Richard Chambers.

X