Data Governance that Works for the CISO and CDAO\n\nMore than ever, Chief Information Security Officers (CISOs) and Chief Data & Analytics Officers (CDAOs) need to join forces around governance. Traditionally, the CISO needed to be concerned with perimeter security, not data directly. And the CDAO, usually could assume that others, mainly in IT, were concerned with data security. But today, the CISO must take an active role in defining an enterprise's posture in collaboration with the CDAO to agree on data security strategy.\n\nNew data security categories from Gartner\n\nIn the Gartner Data Security Hype Cycle, Gartner shows two relative newcomers \u2014 Data Security Governance (DSG) and Data Security Platforms (DSPs) \u2014 in the early part of the Hype Curve. So, what exactly are these newcomers?\n\nData security governance: DSG is part of the larger data governance landscape that focuses on data security. Gartner defines it as data security, identity management, and application security. The other parts of data governance have to do with metadata management, data catalogs, data lineage, master data management, and data quality. Metadata management and catalogs are mainly focused on describing the data, while DSG is all about action such as enforcing security and policies.\n\nThis definition of DSG is the keystone to our point of view that the CISO and CDAO must align.\n\nData security platform: The DSP is the vehicle with which to achieve the data security component of DSG. Both Gartner and Forrester define DSPs as the convergence of data classification, access controls, masking, encryption, risk insights, workflows, and automation. A few drivers for convergence are:\n\nA change of perspectives\n\nGetting the CDAO and CISO on the same page is imperative. Traditionally, the CDAO has focused on data consumption, driving data literacy, and getting value from data. In the on-premises world, data was in the data warehouse and secured via perimeter and application security.\n\nCloud disrupts this approach with disappearing perimeters. On top of that, the proliferation of data service choices (e.g. storage, compute, processing) means security enforcement is becoming a larger-than-life effort competing for scarce admin resources.\n\nThe end result? The CDAO has fast become a critical stakeholder in the effort to secure a new cloud of data assets.\n\nWhat about CISOs? They\u2019re focused on securing the perimeter and applications. But now, zero-trust frameworks are becoming the last mile of defense, and every user should only have access to the data they\u2019re allowed to see. This modern stance means even if a user credential is compromised, the keys to the data kingdom are not compromised.\n\nDSG provides a framework for CDAOs and CISOs to collaborate on delivering transformational business value from data while remaining compliant with the growing list of internal and external mandates.\n\n5 practical initiatives for collaboration\n\nComprehensive data security and access governance platform\n\nPrivacera was founded on the vision to maximize the value enterprises get from data, balancing two key concepts:\n\nPrivacera manages security and access to all data throughout its entire lifecycle. Key capabilities include:\n\nLearn more about the only open standards-based data security platform.