Click to learn more about author Amar Kanagaraj.
The cybersecurity landscape has been undergoing a sea change, driven by growing data privacy concerns, ever-increasing security threats, regulations, and geopolitical factors.
Recently, COVID-19 has fundamentally changed many definitions and structures for businesses. The current health crisis has brought data privacy and security vulnerabilities more sharply into focus. In these circumstances, many organizations are pondering a significant cut to their spending, due to business slowdown. In such challenging times, leaders must have a concrete understanding of the situation to ascertain why CDOs can use a bigger budget, and the factors affecting that need.
Understanding the Landscape
To understand the pressing need for better data privacy and security, first, let us look at how the Data Governance landscape has changed in recent times and the challenges that have emerged as a result.
Here are some factors:
- As data generation and collection rates have gone up exponentially, there has been a proportional rise in concerns regarding the safety and privacy of that data. Security vulnerabilities can quickly escalate as companies store, use, and share data. Especially when companies share data to collaborate with partners and their vendors, data sharing leads to additional security concerns.
- Additionally, new weak points and intrusion techniques come up daily, and there is always the chance that the data will fall into the wrong hands. CDOs need to enforce strict security protocols at this stage.
- There has been an alarming number of highly-publicized data breaches in recent times, affecting some of the largest companies in the world. These breaches can have multiple implications, including the loss of brand reputation and customer trust.
- However, one of the most critical fallouts of this situation might well be losses suffered through fines. Regulators are imposing heavy penalties on organizations guilty of data breaches and privacy violations. Expensive penalties are undoubtedly something that companies are working to avoid.
The Impact of COVID-19
Currently, the most immediate factor that affects the cybersecurity landscape is COVID-19. This crisis has exacerbated a lot of the usual challenges while throwing new ones into the path of organizations. A strange dichotomy further complicates the situation — companies are trying to cut costs to stay alive in these economic conditions, and yet the need of the hour is bigger budgets for data security and privacy.
A significant component of this need for bigger Data Governance budgets stems from a change in priorities for CDOs. Here are a few factors that can usher in that change:
- Many companies have felt compelled to postpone large-scale projects, even indefinitely. Many projects that require extensive engineering and IT involvement have had to be tabled, no matter their stage of progress and completion.
- At the same time, governance risks are going up exponentially as more and more people start working from home. Already, a lot of people have run into data breaches and ransomware attacks. Securing remote users, therefore, will become a distinct priority soon.
- Recently, the California Consumer Protection Act, or CCPA, has finally gone into effect. There has already been a push since the beginning of the year for organizations to study the parameters of this important act and start with the process of compliance. With this critical piece of regulation now active, there is even more reason for CDOs to streamline their compliance workstreams.
Considering these developments, the need for CDOs to have more leeway and freedom to operate becomes clear. Here are some of their priorities:
Paydown Governance Debt
- Address governance debt, such as implementing a comprehensive privacy and Data Governance program that includes policies, plans, and processes aligned with regulations.
- Work with the company’s CISOs to fill any tech debt, such as security patches and updating tech stacks that might improve their level of security.
Support New Post-COVID Reality
- With more and more people working from home and potentially sharing their computers with other members of the family, monitoring privacy and Data Governance threats have become critical.
- Similarly, working from home can also expedite the need for implementing Data Management and a risk assessment framework.
- Compliance with GDPR, CCPA, and other privacy laws involves several important steps, such as revising privacy policies, updating internal processes, and advising stakeholders on appropriate courses of action. As part of compliance, they must implement processes to analyze data sources to find privacy risks, which can then be quantified, prioritized, and addressed.
As CDOs navigate this precarious landscape, they must be equipped with resources to deal with time-sensitive issues quickly and effectively. Having a bigger operating budget can be an excellent way for CDOs to adhere to a high standard when it comes to Data Governance in the present climate.