The Real Business Impact of Poor Data Governance - Rick Doten - Guardians of the Data - Episode #21
What’s the real business impact of bad data governance in modern security programs?
Rick Doten, former Healthplan CISO at Centene Corporation and AI researcher with over 25 years of cybersecurity experience, joins the show to discuss the biggest challenges in data security. Rick emphasizes the critical importance of data governance and quality, explaining how understanding a business's needs and the value of its data are pivotal. He also explores how AI can both enhance and complicate data management. Drawing insights from his varied career path, including his role as a former health plan CISO and current advisor, Rick provides practical advice on mitigating security risks and leveraging AI for data protection.
Takeaways:
- Prioritize Data Governance: Recognize that the biggest challenge in data security is often a lack of data governance. Start by defining what data you have, where it is, who has access, and how valuable it is.
- Engage the Business: Security professionals should not decide what data is most important. Partner with business leaders to understand critical business processes and data.
- Conduct Business Impact Assessments: Work with business units to identify what would constitute a "bad day" for them. Use this to determine which data and systems are most critical.
- Define Clear Policies and Rules: Develop and document policies around data protection, classification, access, retention, and destruction, based on regulatory, contractual, and business requirements.
- Ensure Data Quality: Especially in the age of AI, ensure that data sets are accurate, current, and appropriately managed to avoid issues with automation and analytics.
- Foster Collaboration, Not Adversarial Relationships: Security should be seen as a business enabler, not a blocker. Build trust and open communication with business units.
- Accept That Change Takes Time: Building effective governance and security is a long-term process. Set realistic expectations and avoid quick-fix solutions.
Quote of the Show:
- “We’re only in this game to protect data and the availability of that data.” - Rick Doten
Links:
- LinkedIn: https://www.linkedin.com/in/rick-doten-633470177/
- YouTube: https://www.youtube.com/@rickscybersecurityvideos1059
Ways to Tune In:
- Transistor: https://guardiansofthedata.show/
- Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ
- Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323
- Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
- iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
- YouTube: https://www.youtube.com/@GuardiansoftheDataPod
Creators and Guests
