Recently, Keepit, a vendor-independent cloud-native data protection platform, released a new report titled “Intelligent data governance: Why taking control of your data is key for operational continuity and innovation.”
Report details the need for data governance frameworks
This report was developed and published to help IT leaders adopt or create a data governance framework that supports innovation while ensuring business continuity. According to the Denmark-based organization, the report covers the foundational importance of data control in the AI age and focuses on ensuring modern enterprises’ cyber resilience and compliance.
“Data is the foundation of innovation and preparedness. By focusing on data governance, CISOs and CIOs will lay the groundwork to effectively manage and grow their modern, data-driven enterprises,” said Kim Larsen, CISO at Keepit. “We hope our new report, with its practical approach to data governance, will give needed insights into data, its importance, and the crucial role intelligence data governance can play in today’s cybersecurity landscape.”
The report was compiled by interviewing 30 senior IT leaders across a broad range of industries and regions. It revealed several trends that provide context for today’s IT businesses, such as cloud flexibility, the rise of AI, and budget pressures.
“Existing under the broad umbrella of data management, data governance is a program– implemented via policies and standards– intended to ensure the availability, quality, and security of an organization’s data, in accordance with applicable regulations and obligations,” the report states. “Within data governance, data classification is the process of separating and organizing data into relevant groups based on shared characteristics, such as the level of sensitivity, risks presented, and privacy and protection requirements.”
The report found that CIOs and CISOs will play increasingly critical roles in enabling enterprises to ensure resilience. They must prioritize their efforts in preparing their organizations with the right tools to provide a sustainable foundation for business continuity.
“Data governance paves the way for data resilience,” Larsen said. “Through data classification, companies will be able to detect any gaps in their business continuity plans, and, as an added benefit, enhance their current day-to-day operations.”
Key findings
The report’s significant findings include data and system classification, which is the process of separating and organizing data and systems into relevant groups based on shared characteristics like the level of sensitivity, risks presented, and privacy and protection requirements.
Data and system classification enables organizations to do the following:
- Implement safeguards aligned with protection needs, including those required by regulations (like GDPR, NIS2, DORA, and HIPAA), certifications, standards, and contracts.
- Define and execute comprehensive backup and recovery programs to improve resilience against disruption and corruption caused by cyberattacks or other causes.
- Safely and responsibly introduce new technologies and processes, including SaaS applications and AI solutions.
“A data loss or outage incident can stop an organization in its tracks,” said Larsen. “Our report highlights that the ability to recover critical systems should never be left to assumptions or chance. Backup and recovery preparedness should be a board-level consideration at every company.”
Among other key takeaways include the ubiquity of data in today’s organizations and how much of it is governed by regulations or is subject to other compliance obligations. Further, the report details that data powers day-to-day activities and serves as a critical input into innovation and improvement programs.
“Data governance is the cornerstone of compliance,” said Larsen. “Knowing where your data is, what data is crucial for business operations, and who has access to it are all questions modern organizations need to answer to be cyber resilient.”
Additionally, maintaining access to uncorrupted data is essential and continues to be a key objective for today’s CIOs and CISOs.
In addition to data governance, organizations must protect themselves from ransomware and other cybersecurity risks in the IT landscape. Read more about a recent threat report that is raising alarms.