Neglect Guiding Principles

CSC's Reidy said guiding principles for the program have to be set up as early as possible. Reidy suggested setting the guiding principles to first focus on privacy and then on rooting out the bad actors within the organization. The reason for that, he said, is that the program is only around 10 percent technical, and the rest will require the involvement of HR, legal and other teams as the program starts to take up an employee's time and responsibilities.