Chandra Ambadipudi, CEO of Clairvoyant and Kogni:With several high profile data breaches this year at major brands (Saks Fifth Ave, Chipotle, KMart, Blue Cross/Blue Shield, Verizon, Equifax, Whole Foods in the U.S., and Debenhams, Wonga, Bart’s Health Trust, Abta, Lloyds Banking Group in the U.K.), the topic and challenges surrounding data security will be amplified as we move into 2018. As marketers depend more on data to keep pace with rapidly shifting consumer behavior and sentiment, data security will be top of mind.
All of the different digital channels and devices that both consumers and businesses use today provide organizations with an unending stream of structured and unstructured customer data. This big data can be used by brands for more targeted and personalised marketing and advertising content, but it can also be a source of vulnerability - especially for brands in the financial services and healthcare industry that possess highly sensitive, personal information.
As any company knows, countless hackers and bots are constantly scanning to find holes in enterprise data sets. Most enterprises are focused on securing data using perimeter security via firewalls. However, as this and past years prove, it’s not a question of if a company will be hacked in 2018, it’s just a matter of when. One of the biggest data security challenges going forward won’t be external, but will be a lack of structured and centralised internal policy for data security, governance, and visibility.
With the continued risk of data breaches and new regulations like GDPR coming down the pike, we predict that organisations will place a higher priority on understanding what sensitive data they have, where it exists, who is accessing/querying it, and why. This sounds elementary on its surface, but the truth is that many companies have no idea what sensitive data exists in their ecosystem due to data coming on from so many sources in real time as customers browse, shop, post on social media, open emails, etc. across desktop, mobile web, in-app, etc.
Traditionally, the way to answer these questions was through a manual review of data and audit cycles where compliance departments survey individual teams (e.g. marketing and CRM) about their security protocols. This is time consuming, costly, and highly ineffective. As we move forward, companies will increasingly shift away from manual review and focus more on using technology to automate the process of identifying and securing sensitive customer data as it’s ingested, and continuously monitoring data sources for policy violations.