Industry executives and experts share their predictions for 2023. Read them in this 15th annual VMblog.com series exclusive.
2023 Data Security and Governance Predictions and Trends
By
Privacera CEO and Co-Founder, Balaji Ganesan
Companies need to be proactive, not only
about data security and investing for long-term growth and business success,
but getting ahead of the ever-shifting regulatory environment. Data security
platforms will continue to gain popularity as they help simplify the complexity
of managing data access controls, support data governance strategies, and drive
higher-value analytics that unlock the full data-driven potential of
enterprises.
Below is a round-up of 2023 predictions
and trends, including what we at Privacera believe will be top of mind for
enterprise organizations that want to compete in a data-driven economy.
Chief Data Analytics Officers will Become a C-Suite
Norm
As data is becoming
more recognized as a strategic bet companies need to make, the Chief Data
Analytics Officer role will become even more universal. Enterprises aspire to
be data-driven to improve decision-making and achieve desired business
outcomes. However, without someone strictly focused on leading data analytics,
assessing internal and external data strategies, and developing the data's
architecture, it is difficult to accomplish. While it is a developing space,
with many of the executives new to the role, the ROI of bringing a CDAO
in-house is clear. Over time we will see more CDAOs move front and center for
data monetization strategies, similar to how CISOs became a "new norm" for
information security strategy on the executive team.
Congress Could Introduce New Federal Regulations to
Protect Consumer Data
Consumers are
becoming more aware of how organizations are collecting, storing, and using
their data which is creating an urgency for Congress to write and pass federal
regulations surrounding data security and privacy. Currently, regulations are
enforced at the state level, in places like California, Colorado, and Utah. But
the U.S. market needs a uniform federal mandate, similar to the EU's General
Data Protection Regulation (GDPR), which we might see come to life with the
newly elected Congress.
Moving toward a
federal privacy law has bi-partisan support. Earlier this year, we saw the American Data
Privacy and Protection Act (ADPPA), which would be a common standard for how to
handle data, passed out of the House Energy and Commerce Committee. Fresh
off the midterm elections we are expecting these conversations to continue
among legislators and businesses alike.
As we wait for
legislation, we can expect to see more "Big Fish" companies receive hefty fines
for security incidents that resulted in breached information. Regulators will
look to make an example of those who have been compromised with fines and other
significant consequences, so it's more important than ever companies are
proactive about their security approach.
The Appetite for Multi-Cloud Adoption Will Continue to
Grow in 2023
In terms of
adopting a multi-cloud environment, most enterprise-level organizations are in
the ambitious early stages of migration and still have a lot of data that needs
to be moved. There are some "born in the cloud" enterprises that are fully
integrated and working well, but over the next year, we expect the adoption of
multi-cloud services to continue to rise as a majority of business leaders look
to modernize their data architecture.
Since more
organizations have shifted away from a single cloud solution when it comes to
implementing their data strategies, we'll see many business leaders faced with
the challenge of deciding which service providers they actually want to mix and
match. To help make those important decisions, we expect business leaders to
take a "best of breed" strategic approach that looks at individual organizational
use cases. Choosing different cloud partners and services to handle different
business needs has become a reality today. It does require a comprehensive data
security governance approach to address the increasing challenges of a
multi-cloud data strategy.
We also expect to
see a shift in the share of voice from public cloud vendors to focus more on
data governance, secure and trusted data management strategies. There's a
sharpened focus from enterprise leaders seeking cloud partners that can offer
more than data storage. They are looking for even more scalable ways of
building data-centric applications including self-service analytics and modern
data collaboration to get even more mileage - and ultimately value - out of
that data. And a critical prerequisite to achieving this modern data
collaboration is to integrate with a scalable data security platform.
Emerging Tech to Keep an Eye on Data Analytics,
Privacy, and Security
We've recently seen
many new vendors in the data security space looking to solve several
challenges, including how enterprises can accelerate analytics through fine-grained
access of data, while remaining compliant. This exhibits no sign of
slowing down.
Adoption of data
analytics, privacy and security infrastructure tools assure both a company's
data and that of its customers are safe and data governance also plays a big
role. Today's companies need to be smart, not only about security and investing
for long-term growth and business success, but they must adhere to the
ever-shifting regulatory environment.
Data security
platforms are essential for the modern data stack, as they provide data
protection using a combination of fine-grained access controls and, policy
enforcement across the data estate, data masking, sensitive data discovery and
classification; and encryption, and automated workflows to meet changing
regulatory requirements. The combined power of this technology will skyrocket
over the next few years as more and more data amasses within an organization.
According to Gartner's Hype Cycle
for Data Security 2022, a data security governance framework should
be used to identify and prioritize business risks that will be mitigated by
data security policies.
Zero Trust Comes of Age and Data Mesh Promotes
Democratization
Zero trust and data
mesh will also see an uptick in implementation. Both of these concepts allow
data to stay where it is and make sense of it safely, ensuring compliance and
that privacy is preserved. Zero trust is an approach to enterprise
cybersecurity that presumes no connections to corporate IT assets should be
trusted. Instead, zero trust begins with a "default deny" security posture:
Trust no one and grant the least privilege. Data mesh promotes data
democratization by enabling enterprise-wide users to access any dataset across
organizations independent of data location, resulting in more business units to
monetize data and drive business transformation.
Data security
platforms will continue to gain popularity as they help simplify the complexity
of managing data access controls, drive self-service analytics, support data
governance strategies, and allow enterprises to realize their full data-driven
potential.
##
ABOUT THE AUTHOR
Balaji Ganesan is CEO and co-founder of
Privacera, a SaaS-based data access and governance platform that enables
analytics teams to access data without compromising compliance with regulations
such as GDPR, CCPA, LGPD, and HIPAA. Before Privacera, Balaji and Privacera
co-founder Don Bosco Durai, also founded XA Secure. XA Secure's was acquired by
Hortonworks, who contributed the product to the Apache Software Foundation and
rebranded as Apache RangerTM. Apache Ranger is now deployed in thousands of
companies around the world, managing petabytes of data in Hadoop environments.
Privacera's product is built on the foundation of Apache Ranger and provides a single pane of glass for securing
sensitive data across on-prem and multiple cloud services such as AWS, Azure,
Databricks, GCP, Snowflake, and Starburst and more.