NTT surveys Snowden impact on IT ops/strategy

NTT surveys Snowden impact on IT ops/strategy

Summary: A survey of 1,000 IT execs in the US, France, Germany, Hong Kong and the UK found that up to 97 percent are changing where and how they manage their data. Cost to US companies could be $35 billion through 2016.

TOPICS: Storage, Cloud, Security

A new study of global ICT decision-makers, titled NSA Aftershocks, commissioned by NTT Communications, shows how the US National Security Agency's (NSA) PRISM program has affected enterprise business strategy and operations.

The market research firm Vanson Bourne interviewed 1000 leaders at major companies in France, Germany, Hong Kong, the UK and the USA in the last two months. Among its findings:

  • Almost nine in ten IT leaders are concerned their data may have been accessed without their permission
  • Only 5 percent of respondents believe location does not matter when it comes to storing company data
  • More than three in ten (31 percent) are moving data to locations where the business knows it will be safe
  • 87 percent say they now have an in-depth knowledge of the data protection laws in the countries where their business operates
  • 83 percent agree the revelations have prevented them from moving their IT infrastructure into the cloud
  • ICT decision-makers now prefer buying a cloud service located in their own region, especially EU respondents (97 percent)
  • A sixth is delaying or cancelling cloud projects

A study released in August of last year by the Information and Technology Innovation Foundation predicted that US companies could lose up to $35 billion in revenue through 2016. The new survey suggests that IT decision-makers are indeed taking action that affects US companies.

The Storage Bits take
The steady drip-drip-drip of the Snowden revelations may make that $35 billion estimate way too low. Who knows - other than the NSA - what other bombshells will go off in the next year?

The survey makes clear that IT execs are now awake to the risks of cloud storage and the issues of data location. Given a tech P/E ratio of 20 and a gross margin of 60 percent, these revelations could knock more than $400 billion off the market capitalization of affected firms.

The US intelligence community's - which includes the NSA and CIA - record of lying to Congress, their funders and our designated drivers, is chilling. Their recent Heartbleed denials - "uh, is it better for us to look stupid or or even more evil?" - don't inspire confidence.

Nothing typifies the rogue behavior of US intelligence agencies more than the fact that after the Total Information Awareness program was tabled by Congress in 2003, the agencies went ahead and did it anyway - at great cost to US prestige and for no observable increase in US security. And now, it appears, at great cost to US companies.

Shielded by over-broad secrecy laws, the NSA was essentially unaccountable until Snowden released, at great personal cost, the damning documents. Each generation of Americans has had to fight to retain control of our government and to enforce fidelity to the Constitution.

This is this generation's battle to win - or lose.

Comments welcome, of course. Encryption helps, but the power of sigint and global data correlation makes privacy ever more difficult. What else needs to be done to protect the private sphere from over-reaching governments?

Topics: Storage, Cloud, Security

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • Snowden didn't change enough

    Too many are still using Windows XP. You can't be serious about IT security and information privacy when you're stuck on a 13 year old OS that is the most targeted by hackers around the world.

    Knowing that the IRS, many other government agencies, hospitals, banks, and plenty of private companies are still stuck on XP, how can any of us expect to be safe?

    Privacy is impossible because IT security isn't taken seriously.
  • Private Companies gather personal info too

    There should be over-sight for all large entities, private and public. I'm not a big believer in the NSA anyways. Don't we already have the FBI and CIA? All police forces need to communicate better. That should be the only thing the NSA is doing. Instead they are yet another spy agency the world doesn't need.
  • Legal restrictions

    the biggest problem is the Patriot Act, as well as what the NSA has been / is doing. It is contravention to the legal requirements of companies outside the USA, especially companies with European based operations.

    Safe Harbour is all well and good, but the European client is responsible for seeing that his data isn't handed over to 3rd parties outside of Europe without the consent of those affected.

    i.e. if the NSA collects his customer database from his cloud provider, the client first has to get the written permission of each one of those customers, before he can hand over the data to the NSA. As the NSA doesn't ask the client and the cloud provider can't inform him, that leaves him open to prosecution under EU law if it comes out.

    If he uses a European cloud provider and the cloud provider is hacked by the NSA, that is a different matter. Likewise, if the NSA, FBI etc. want to see the data and can't hack it out of the data centre, then they need to get a locally issued warrant to view the information, again the access is then legal and above board.

    Doing business with American cloud companies, or even non-American cloud companies that have a branch office or a server in the USA is a big risk for non-USA based companies. The question they have to ask, do the risks outweigh the benefits?

    It adds a whole new branch to the ROI equation, how long is the CEO willing to spend behind bars, if it comes out he "let" the NSA have his data, just by using a cloud provider with a USA presence?