Industry executives and experts share their predictions for 2024. Read them in this 16th annual VMblog.com series exclusive.
Data compliance is here to stay; turn it into a business advantage
By
Sylvain Kalache, Co-founder of Data Defenders Forum
GDPR
was the initial force driving enhanced data protection standards, officially
taking effect five years ago. Since then, there has been a substantial
evolution in global perspectives on data governance, with the majority of
countries around the world implementing various forms of data legislation.
Despite
some companies opting to overlook this topic, the significance of data security
and compliance is steadily rising and even holds the potential to be turned
into a valuable business advantage. In this article, I dig into four trends
that will shape the landscape of data security and compliance in 2024.
Data compliance is not going away
Data
compliance is not going away and will increasingly become an important topic.
An
illustration of this is that 84% of users in the US choose to opt out of app tracking. This
opt-out rate underscores a clear preference among consumers to limit the
collection and utilization of their data, emphasizing the need for
organizations to prioritize data protection.
But
the push for more data protection isn't only coming from users. Governments
worldwide are increasingly pushing for more data privacy rights as well. As of
today, approximately 71% of countries have some sort of legislation in this domain. This
surge in regulatory measures is not only to protect individuals but also
national interests. Countries are starting to understand that their citizen
data has much value, especially with the rise of AI, and that they need to
increase their control of it.
The rise of Private SaaS
The
escalating data compliance and security requirements are pushing companies to
reshape their infrastructure to align with these norms. And the management of
data is at the center of that. With the widespread adoption of SaaS, data
resides outside a company's infrastructure, sometimes in foreign jurisdictions,
and for many companies, this will no longer be possible.
This
challenge is paving the way for a transformative trend: the emergence of Private
SaaS. In
this paradigm, the control plane of the SaaS is managed by the vendor, but the
data plane remains within the confines of the company's infrastructure. This
innovative approach allows companies to continue enjoying the benefits of SaaS
products while simultaneously offering the ability to safeguard and manage
their data in compliance with regulatory standards. I have seen a number of
SaaS businesses offering this type of offering; while they may not call it
Private SaaS (yet?), the trend is emerging, and it will keep growing.
Data compliance as a business advantage
Companies
will increasingly invest in data security and compliance purposes and turn
it into a business advantage. By doing so, not only they will reduce the risk of data breaches
and regulatory fines, safeguarding the company's reputation. But they will also
attract customers who prioritize privacy or must use products with respect to
specific standards.
This
shift will not only happen at the engineering level but also at the product
level. Products designed with user privacy in mind will become the norm, Apple,
arguably one of the most successful consumer tech companies, was among the
first to lead the charge. And it is paying off.
The budget for tools will increase
As
the need for data compliance rises, regulations tighten, and fines, reaching a
total of $2.2 billion in 2023, surge in both quantity and magnitude, companies are anticipated
to expand their budget for tools in this domain. This was reflected in the 2023
startup investment market, which remained very active for security startups while crumbling for
other industries.
Companies
often view staying in compliance as a challenge that slows down their ability
to innovate and release products. However, several new tools have emerged to
solve these challenges effectively. Shift left data security, applying security standards across a company's tools, or discovering and cataloging all your
company data
are now much easier things to achieve. CPOs (Chief Privacy Officers) will see
their tool budget increase in 2024.
Conclusion
While
data compliance might seem overwhelming, various tools are now available to
easily comply. By adopting a suitable communication strategy, businesses can
even turn compliance into a valuable business asset. As laws and consumer
expectations are increasing, embracing data compliance becomes unavoidable.
##
ABOUT THE AUTHOR
Sylvain Kalache is an entrepreneur and software engineer. He was a senior
SRE at LinkedIn before co-founding Holberton School, which trains Silicon
Valley grade developers worldwide. He currently provides PR services for tech
companies.