It never rains but it pours. Just as bosses and boards have finally sorted out their worst accounting and compliance troubles, and improved their feeble corporation governance, a new problem threatens to earn them – especially in America – the sort of nasty headlines that inevitably lead to heads rolling in the executive suite: data insecurity. Left, until now, to odd, low-level IT staff to put right, and seen as a concern only of data-rich industries such as banking, telecoms and air travel, information protection is now high on the boss’s agenda in businesses of every variety.

        真是祸不单行。就在老板和董事会最终解决了令人头疼的财务问题和违纪问题、改善了缺乏效率的公司管理之后，又有一个新的问题正在威胁他们，这个问题就是数据不安全，这会让他们（尤其是在美国）上头条丑闻，必然会导致执行管理人员受到处罚。迄今为止，数据保护工作一直由那些临时的低层数据技术人员来承担，并且仅被视为那些数据资源丰富的产业才会考虑的一个方面，比如银行业、电信业以及航空业等，如今，数据保护则成为各行业老板议事日程中头等大事。

      注：It never rains but it pours的英文解释为misfortunes usually come in large numbers；即“不雨则已, 一雨倾盆; 灾祸等不发生则已, 一发生便接踵而至”，所以此句话翻译为“祸不单行”。另外，heads rolling 这里直接译为“受处罚”，因为韦氏字典是说：heads will roll （for sth）是punish的含义，所以绿色字体是直译版，原来的翻译是不对的。

 

Several massive leakages of customer and employee data this year – from organizations as diverse as Time Warner, the American defense contractor Science Applications International Corp and even the University of California, Berkeley – have left managers hurriedly peering into their intricate IT systems and business processes in search of potential vulnerabilities.

今年，几起客户和员工数据的重大泄密事件使得管理人员们匆忙去检查其复杂的数据系统和商业流程，以便寻找潜在的弱点——这些泄密事件发生在像时代华纳、美国国防部合同商国际科学应用公司以及加州大学伯克利分校等不同的机构。

 

“Data is becoming an asset which needs to be guarded as much as any other asset,” says Haim Mendelson of Stanford University’s business school. “The ability to guard customer data is the key to market value, which the board is responsible for on behalf of shareholders.” Indeed, just as there is the concept of Generally Accepted Accounting Principles (GAAP), perhaps it is time for GASP, Generally Accepted Security Practices, suggested Eli Noam of New York’s Columbia Business School. “Setting the proper investment level for security, redundancy, and recovery is a management issue, not a technical one,” he says.

斯坦福大学商学院的Haim Mendelson 认为“数据正在成为一种需要像保护其他财产一样受到保护的财产”。“保护客户数据的能力是市值的关键因素，这是董事会应该为股东利益而承担的责任”。纽约哥伦比亚商学院的Eli Noam 暗示道，事实上，正如存在公认会计原则一样，现在或许应该是建立公认安全措施的时候了。他表示“为数据的安全、备份以及恢复确定适当的投资标准是一个管理问题，不是技术问题。”

 

The mystery is that this should come as a surprise to any boss. Surely it should be obvious to the dimmest executive that trust, that most valuable of economic assets, is easily destroyed and hugely expensive to restore – and that few things are more likely to destroy trust than a company letting sensitive personal data get into the wrong hands.

令人不可思议的是，这对于老板而言竟然是件奇怪的事情。毋庸置疑，最弱智的管理人员都清楚，信任，这个最有价值的经济财产，是很容易遭受破坏而要恢复它却代价高昂；很少有什么比一个公司让敏感的个人数据落入不法人员之手更可能破坏信任的了。

注：dimmest来源于dim，意思是“光线暗淡的”也可以指人“愚笨的”

The current state of affairs may have been encouraged – though not justified – by the lack of legal penalty (in America, but not Europe) for data leakage. Until California recently passed a law, American firms did not have to tell anyone, even the victim, when data went astray. That may change fast: lots of proposed data-security legislation is now doing the rounds in Washington, D.C. Meanwhile, the theft of information about some 40 million credit-card accounts in America, disclosed on June 17th, overshadowed a hugely important decision a day earlier by America’s Federal Trade Commission (FTC) that puts corporate America on notice that regulators will act if firms fail to provide adequate data security.

    目前情况的恶化——尽管还没有得到证实——可能与（美国，不是欧洲）缺乏有关数据泄露的法律处罚有关。在加利福尼亚最近通过了一项法律之前，美国公司不必告知任何人关于数据的泄露情况，甚至包括受害人。这种情况可能很快会得到扭转：如今，许多提议的数据保护立法正在华盛顿特区进行讨论。同时，6月17日有关美国约4000万信用卡账户数据被盗事件的披露，给此前一天美国联邦商务委员会的一个重要决定蒙上阴影，该决定请向全美国的公司发出了警告，如果公司没有实施恰当的数据安全保护措施，那么监管人员就会采取行动。

 

36. The statement “It never rains but it pours” is used to introduce

[A] the fierce business competition.

[B] the feeble boss-board relations.

[C] the threat from news reports.

[D] the severity of data leakage.

“It never rains but it pours”这句话用来介绍

[A] 激烈的商业竞争

[B] 脆弱的老板—董事关系

[C] 新报道的威胁

[D] 数据泄漏的严峻性

 

37. According to Paragraph 2, some organizations check their systems to find out

[A] whether there is any weak point.

[B] what sort of data has been stolen.

[C] who is responsible for the leakage.

[D] how the potential spies can be located.

根据文章第二段，一些组织检查的它们的系统是为了发现

[A] 是否存在弱点

[B] 哪种数据被盗

[C] 谁应该为泄漏负责

[D] 如何定位可能的间谍

 

 

38. In bringing up the concept of GASP the author is making the point that

[A] shareholders’ interests should be properly attended to.

[B] information protection should be given due attention.

[C] businesses should enhance their level of accounting security.

[D] the market value of customer data should be emphasized.

作者引入GASP这个概念是为了说明

[A] 股东的利益应该得到适当的关注

[B] 信息保护应该得到应有的重视

[C] 商业界应该改进他们的会计安全水准

[D] 客户数据的市场价值应该得到强调

 

 

39. According to Paragraph 4, what puzzles the author is that some bosses fail to

[A] see the link between trust and data protection.

[B] perceive the sensitivity of personal data.

[C] realize the high cost of data restoration.

[D] appreciate the economic value of trust.

根据文章第四段，让作者感到意外的是一些老板们没有

[A] 看到诚信与数据保护之间的关系

[B] 认识到个人数据的敏感性

[C] 意识到数据恢复的高成本

[D] 认识到诚信的经济价值

 

40. It can be inferred from Paragraph 5 that

[A] data leakage is more severe in Europe.

[B] FTC’s decision is essential to data security.

[C] California takes the lead in security legislation.

[D] legal penalty is a major solution to data leakage.

可以从第五段中推断出

[A] 数据泄漏在欧洲更加严重

[B] FTC的决定对于数据安全有根本性意义

[C] 加州在安全立法方面处于领头地位

[D] 法律上的惩罚是数据泄漏的一个主要解决方案