The Ongoing Struggle to Keep Sensitive Data Secure: What Lies Ahead in 2023

By on
Read more about author Nikolas Acheson.

Ask any data or security professional and chances are they will say that the growing number of global threats combined with the increasing demand by consumers to understand how their data is being used, stored, and accessed has made their job extremely stressful. Running sensitive workloads in the cloud has exacerbated the problem and continues to be an ongoing, hot topic of debate for company executives. Two polarized mindsets are to blame for this: the desire to use all available data sets to identify new opportunities and the fear of potentially exposing personally identifiable information and other highly sensitive data to unauthorized users.  

Moving sensitive data to the cloud is not to be taken lightly, but it is becoming less anxiety-provoking, as organizations apply modern data security approaches to reduce and/or eliminate cross-cutting business problems. In the coming year, companies will continue to look for ways to share available data safely and responsibly so they can produce more and execute faster. As a result, expect to see the following trends in 2023:

Trend #1: Data subject access requests (DSARs) get supercharged

With more breaches becoming public, policy makers are being forced to represent a frustrated consumer base and hold companies more accountable. As such, we’re continuing to see a boom in policies, regulations, and permissibility, with corporate executives being held accountable for not following best practices. 

In 2023, new technologies along with attention from the legal community will pick up steam, enabling individuals to gain greater visibility and control of what, where, and how their data is being used. Unfortunately, it will cripple many enterprises that still struggle with over-provisioning of data, lack of full visibility, and legacy patterns operating in contemporary distributed data environments. 

Trend #2: Data contracts become more real, and the business finally gets involved

Too many engineering teams are struggling to maintain data quality, access, and track usage patterns. While many businesses have in-function analytics professionals collaborating with core enterprise analytics teams, data and/or analytics engineering professionals are still navigating data domains and certifying data coming out of data build tools. 

In 2023, the continued proliferation of data is going to finally force the business to take more ownership, not just in use and interpretation, but also in the patterns of how it is managed and provisioned. Distributed stewardship will become a reality and the best way to enable this will be with tools that are not built for engineers, but with data contracts that clearly map ownership, use, dependencies, etc. This will become more visible as features in data catalogs and/or a few startups emerging since confluence will not cut it at scale. 

Trend #3: Larger separation of companies embracing data mesh vs. those locking down

As we saw with GDPR in the early days, data access requests lead to two dominant responses: accelerated digital and data innovation and modernization versus deletions and lockdowns. Similar to the COVID virus, some liquidated assets are tough to survive, while others embraced the new digital landscape and realized that things will not be the same and customers are going to change their behaviors, buying patterns, and interests. In 2023, companies looking to survive long-term will need to address the evolving policies around data permissibility, usage, and visibility or be hit with lower valuations and legal troubles. Customers will increasingly demand more accountability and respond with their purchasing behavior towards companies they no longer trust.