Gartner is predicting the rise of chief data officers in organizations. What exactly is a CDO? What are their responsibilities?...
How will their presence affect CISOs?
The challenge of protecting data and access to data has existed since the beginning of time. The CISO's role is to ensure proper protection is deployed based on risk and the need to know. Over time, new executive roles have evolved with the chief information risk officer; chief privacy officer; and, more recently, the CDO. Each has had an impact on how this challenge is confronted.
According to Gartner, today there are about 1,000 CDOs and chief analytics officers in the world, and they predict that by 2019, 90% of all global enterprises will have appointed a CDO. What is the role of chief data officers, and how will they affect the responsibilities of the CISO?
According to IBM, chief data officers must be able to understand all the different aspects of data. The CDO should drive executive actions supported by data, accelerate the enterprise data strategy to enable business transformation and reward data-driven innovation that benefits corporate performance. CDOs focus on how to turn data into dollars, but how does this affect protection of data?
Chief data officers help determine the right level of employee access to data. They should know what data exists, how it should be used, who should have access, what level of access should be granted and when it should be disposed. Historically, the CISO has attempted to accomplish this with security risk assessments, role-based access control and access controls. The CDO is typically not as technical as the CISO, but should be sufficiently aware of protection schemes to ask the CISO the right questions.
Do chief data officers threaten the CISO's ability to do the job? Not at all, the positions complement each other. This does not mean that the CISO should stay exclusively technical. The CISO should continue to strive to understand business objectives to earn and retain the respect of the audit committee and board of directors, but if the CDO's focus is to ensure proper access and protection of data, that makes the CISO's job that much easier.
Ask the Expert:
Have questions about enterprise security? Send them via email today. (All questions are anonymous.)
Check out this description of the first 90 days of four CDOs
Learn more about the state of chief data officers
Find out how big data affects the need for chief data officers
Dig Deeper on Information security program management
Related Q&A from Mike O. Villegas
A social media security policy is necessary for most enterprises today. Expert Mike O. Villegas discusses what should be included in social media ... Continue Reading
A cybersecurity training center could help security professionals continue their education, but are the benefits worth the investment for enterprises... Continue Reading
Yahoo reportedly rejected a forced password reset after numerous data breaches compromised user data. Expert Mike O. Villegas discusses whether this ... Continue Reading