CDO, Information Management and Governance

CDO: Leveraging AND Protecting Data

James Howard

A lot is written about the important role the CDO has in promoting, monetizing and leveraging data in an organization. There is no doubt this is their primary function, and failing to fulfill the role can cost the organization in terms of revenue, competitiveness and market position. But the CDO has an equally important role in overseeing governance of data, and failing to embrace that part can lead to similarly negative outcomes.

I’m going to make a provocative statement: the data leverage market is charging ahead and the data governance disciplines are not keeping up. We will continue to see headlines describing data-related issues. Like opposite ends of a rubber band being pulled tighter and tighter, we are facing an increasing risk of a significant, potentially catastrophic, event. The risks aren’t only that data might lost or breached, but also that the organization might fail to gain full benefit from their data. The CDO plays a key role in managing the risk, avoiding issues, which in turn positions the organization to move faster and more nimbly.

Lets talk about the data:

A majority of companies are leveraging Big Data, with Financial Services and Healthcare leading the charge, and nearly 80% of executives believe that failing to embrace Big Data will cause companies to lose their competitive edge. Use cases range from customer and clickstream analysis, to fraud detection and predictive maintenance. The statistics go on and on, all pointing to an accelerating pace of growth and adoption.

  • Tools are becoming more sophisticated, and evolving to where increasingly, end-users can can pursue data tasks without involvement of IT staff. The analytics software and services market is $42B this year, expected to grow to $103B over the next 9 years.
  • And 59% of executives believe that their use of Big Data would be improved through the use of AI – often itself dependent upon the quality of data.
  • How much data? One estimate puts at 44 zettabytes by 2020 (44 TRILLION gigabytes)!

Point being, we are continuing the trajectory of very high growth in the use of data, and no end in sight as far as how much data there is to manipulate and leverage.

OK. So how is it being managed?

Increasingly, where in place, responsibility to establishing the vision and executing the strategy for data use falls to the Chief Data Officer. However, less that 20% of the top 2,500 companies have named CDOs, and they are often focused on the market-facing and revenue aspects of data. But even for those CDO’s whose responsibilities include governance (covering data protection and quality), there are no standard frameworks to employ to manage data.

By framework, I mean the mechanisms to manage data through it’s lifecycle the way one would manage any other asset. Gartner observes that while the traditional business disciplines provide some analogs to manage information as an asset, nothing has emerged tailored to information, let alone adopted as a standard. In fact, accounting standards don’t even include “information” on financial statements.

Within any governance framework should be Protection against reasonably foreseeable threats. There should be a model where protection of data is proportional to data (asset) value, relevant risks and threats, and which takes into account compliance obligations. To be sure, there are many sets of obligations, supporting methodologies with varying levels of adoption and maturity to address data protection along verticals (e.g., GDPR, HIPAA/HITECH, etc), and respectable frameworks to help ensure information security (ISO27001, for example). But these are rarely within the responsibility scope of the CDO. The CDO has to navigate different organizations to engage with one or more CIOs, CISOs and/or CPOs to help implement protections — and those other leaders’ priorities are often on other imperatives, and politics frequently interfere. So it’s difficult to see how an organization can simultaneously position itself to leverage data as a key asset, while also ensuring proper and proportional protection.

Stepping back looking at the bigger picture, I’m describing a market environment where opportunities for leveraging and profiting from data are exploding, while the mechanisms to manage and protect that data are lagging.

What can go wrong?

This pattern points to scenarios where data is breached, questionable data becomes over relied-upon, or where momentum builds to leverage and profit from data, but due to the lack of proportional governance, an event occurs (or worse, issues go undetected until outsiders raise the alarm) resulting in a loss or process failure, leading to financial and/or brand damage and regulatory intervention. A quick review of headlines reminds us this happens on an all too regular basis, leading to the inevitable questions such as, “how could this have happened?” or “you should have seen that coming”.

Is it avoidable? 

Black swan events are – by definition – unanticipated.  However, organizations can take significant steps to anticipate and either avoid or plan for these events, and prepare for potential outcomes by embracing information management and governance techniques. Remember, a data event – whether a breach or a perceived abuse of data – affects not only the organization in question, but also those around it, emanating outwards.

Data leverage and data management can be thought of as opposing forces pulling opposite ends of a rubber band — they will reach a breaking point, and the tension needs to be released in a controlled fashion. The CDO plays a key role, since they should be looking at the “big picture” of “big data”.

  • The CDO needs to be empowered and adopt a posture that balances pursuit of opportunity with proper governance – protection, quality, accuracy.
  • The CDO should be prominent in an organization, to begin addressing the many cultural barriers to information management.
  • The market needs to settle on a framework to manage information as an asset, recognizing it has value and utility to be exploited.

We are living in a world where data is everywhere and the ability to manipulate it for benefit is growing at an incredible pace. Market disruptions are occurring on a daily basis, often enabled by creative use of technologies that analyze data. Forward looking companies wanting to play in this space are looking to CDOs to help, and they need to be properly enabled. Now is the time to engage.

Published by James Howard

As the former Chief Privacy Officer and Chief Data Officer at KPMG, I developed, implemented and led an Information Management Office, positioning the organization to leverage the transformative opportunities that data analytics, cognitive computing and intelligent automation present. In that role, I was responsible for the processes, tools and controls necessary to meet complex information handling requirements, enabling use while ensuring protection.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s