《InformaTech&DataBee:2024年数据管理、隐私与治理状况报告(英文版)(29页).pdf》由会员分享,可在线阅读,更多相关《InformaTech&DataBee:2024年数据管理、隐私与治理状况报告(英文版)(29页).pdf(29页珍藏版)》请在三个皮匠报告上搜索。
1、Too much data,too little value.Too many privacy problems,too few privacy professionals.And AI is pushing every data management solution to its limits.2024 The State of Data Management,Privacy,and Governance256653_IWK23SPONSORED BYNOVEMBER 2024|2024 The State of Data Management,Privacy,and Governance
2、November 2024|Page 2Table of Contents3 DataBee Perspective6 About the Author7 Executive Summary 9 Key Findings10 Research Synopsis 11 Introduction12 Data Privacy Goes Public13 Data Pileups and Backups 15 The AI Energy Crisis and Data Sustainability20 AppendixFiguresFigure 1 Data Privacy DriversFigur
3、e 2 Importance of RegulationsFigure 3 Data Privacy LeaderFigure 4 Data Privacy Confidence StatementsFigure 5 Data Volume Being ManagedFigure 6 Data Growth DriversFigure 7 Data Backups and RecoveryFigure 8 Tools to Enhance Data Privacy and GovernanceFigure 9 Environmental Sustainability in Data Effic
4、iency EffortsFigure 10 Policies to Address Data Privacy Figure 11 Data Governance DriversFigure 12 Data Privacy Reporting StructureFigure 13 Data Governance LeaderFigure 14 Data Governance Reporting StructureFigure 15 Data Management LeaderFigure 16 Data Management Reporting StructureFigure 17 Struc
5、tured Versus Unstructured DataFigure 18 Data GrowthFigure 19 Frequency of Sharing DataFigure 20 Request for Users Private DataFigure 21 Complying with Request For DataFigure 22 Change in Data RequestsFigure 23 Respondent Job TitleFigure 24 Respondent Company SizeFigure 25 Respondent IndustryFigure 2
6、6 Respondent Company RevenueNEXTPREVIOUSNovember 2024|Page 3Data Defense 101:Secure,Govern,and ThriveA security data fabric enables organizations to maintain consistent security and privacy controls as data volumes continue to increase.SPONSORED CONTENT DataBee PerspectiveAuthors:Erin Hamm,Field Chi
7、ef Data Officer at DataBee from Comcast Technology Solutions Amy Heng,Director of Product Marketing at DataBee from Comcast Technology SolutionsFrom financial forecasting to customer experiences,data analytics is the foundation of the modern business model.The State of Data Management,Privacy,and Go
8、vernance report only reinforces this reliance on data as 80%of survey respondents reported an increase in data volumes arising from these business initiatives.Every benefit this data provides also comes with a responsibility to manage it,protect privacy,and govern use and access.To protect data,orga
9、nizations increasingly adopt more cybersecurity solutions with the enterprise organization often managing over 100 tools.Yet,enterprise and security data have been separated historically,creating data silos that impact the organizations ability to create a global data strategy and gain the full bene
10、fit of its security data.Enter the Security Data FabricData fabric federation is an architecture that centralizes data so that organizations can converge data sources,data sets,and controls from their different sources.The security data fabric gives organizations a way to gain two distinct benefits:
11、Centralizing security data breaks down silos so that teams beyond the information security team can gain visibility and context for about incidents and data-driven business initiatives.Deliver high-quality,relevant data products by operationalizing data access,integration,and sharing that enhance an
12、 enterprises existing technology stack.PREVIOUSNEXTPREVIOUSNEXTNovember 2024|Page 4SPONSORED CONTENT DataBee PerspectiveOrganizations historically struggled to include security data within their enterprise data strategies because normalizing the data requires having a data science team that understa
13、nd the unique cybersecurity,risk,and compliance value and often proprietary data schemas.At Comcast,we realized the value of a security data fabric for improving our security analytics while aligning security data to our global data management and governance programs.Using Data Lineage for Managemen
14、t and GovernanceA security data fabric enables cybersecurity and compliance teams to have the data foundation they need to defend and protect the business.For example,with an understanding of datas journey from its source to its destinations in relation to the business,security analysts can quickly
15、contain and respond to threats and compliance analysts can build policies to reduce and mitigate risk.Data lineage acts as the foundation for the organizations data governance and management strategies by providing visibility into data origin,processing,and storage.Using a security data fabric to un
16、derstand security datas journey from source to consumption layer enables the organizations global data strategy by:Implementing appropriate controls over protected information Understanding relationships between data and business for improved precision in analytics and governance Maintaining real-ti
17、me and accurate data for critical decision-making Gaining upstream and downstream lineage for the data lifecycle Improving data discovery for more accurate analytics and self-service Advancing data strategies to align with modern data management objectivesExpanding Security Analytics Use CasesBreaki
18、ng down the silos between enterprise and security data also allows organizations to expand their security analytics use cases.Malicious insider threats are both a common security concern and fundamental challenge.The perpetrators use their legitimate access inappropriately.Organizations need to iden
19、tify the threat actors and malicious insiders quickly-and accurately.PREVIOUSNEXTPREVIOUSNEXTNovember 2024|Page 5SPONSORED CONTENT DataBee PerspectiveCoordinating a response across physical security,digital security,and human resources teams becomes time-consuming.However,a security data fabric can
20、be configured to converge data from technologies across these functions and provides business organizational context to derive insights from:Badge reader logs Device logs Network logs Application logs Print logs Video camera logs,from building entry and exit And,if integrations are available,HR data
21、 that adds context including an employees pending employment termination statusWith all functions working with the same chronologically ordered datasets,also known as time-series analytics,the organization can more rapidly respond to the incident and communicate next steps.Weaving Data into a Fabric
22、 of InsightsWhen the global data strategy is inclusive of security data,the organization optimizes its security and enterprise datas value for analytics while improving its overarching data governance profile.A security data fabric,like DataBee from Comcast Technology Solutions,enables the security
23、team to gain data-driven insights,modernizing the function in alignment with the rest of the organization.Meanwhile,it allows the organization to apply the same data protection controls to security data as it applies to protected data,like personally identifiable information(PII)or cardholder data.P
24、REVIOUSNEXTPREVIOUSNEXTNovember 2024|Page 62024 The State of Data Management,Privacy,and GovernanceAuthorPam Baker Contributing WriterA prolific writer and analyst,Pam Bakers published work appears in many leading publications.Shes also the author of several books,the most recent of which are“Decisi
25、on Intelligence for Dummies”and“ChatGPT For Dummies.”Baker is also a popular speaker at technology conferences and a member of the National Press Club,Society of Professional Journalists,and the Internet Press Guild.PREVIOUSNEXTNovember 2024|Page 72024 The State of Data Management,Privacy,and Govern
26、anceExecutive SummaryFor executives who find anything to do with data to be mind-numbingly boring,this survey packs some eye-popping surprises.Suddenly,it seems,the corporate world put on its collective do-gooder shoes and danced its way to full accountability.“Data ethics/corporate responsibility”r
27、anked as high as 4th(34%)out of 20 options on the“data governance drivers”question.“Until there is accountability for AI gone bad or for breaches on insufficiently protected data being stolen,this is a blip on the radar rather than a sustained shift.DOJ,FTC,and HHS are trying to establish accountabi
28、lity,but theres so much that they dont have the proper resources,”said Michele Thomas,Co-Founder and CISO of TrustedTec,referring to the United States Department of Justice,Federal Trade Commission and Department of Health and Human Services.But not all respondents believe that organizations will ba
29、il on data ethics and corporate responsibility in data management if given the chance to do so.Some believe that the challenges are so great that progress is just slowed,more so than resisted.“I hold the view that data privacy is no longer just a buzzword;its a serious business concern,”said Brian T
30、eater,a survey participant and the IT Manager at EXP.“While theres increased awareness of its importance,many organizations are still struggling to translate this understanding into concrete actions,let alone achieve actionable outcomes in todays fast-paced business environment.The complexities of d
31、ata privacy regulations,the technical challenges of securing massive datasets,and the cultural shift needed to prioritize data protection are all significant hurdles to overcome.”Even so,its highly likely that fear of punishment will power accountability more than peer or social pressures to do the
32、right thing.Data privacy regulation-once again the top driver of data governance,named by 60%of respondents this year-is much more likely to force organizations to get a better grip on their data stores.“Most organizations do not manage their data properly,”said Thomas.“They dont even know where all
33、 their data is or how much duplicate data exists.They also do not protect data to the access level,much less with context,meaning under what circumstances who can do what to data when.”PREVIOUSNEXTNovember 2024|Page 82024 The State of Data Management,Privacy,and GovernanceAnother big surprise is the
34、 flip in AIs impact on data management.If you think of your data stores as the brains in AI and the model as the nervous system,then its easy to see how a brain-impaired model would fail more often than succeed.No matter how great and responsive the AI model is,if it can only operate with insufficie
35、nt,incorrect,or outdated data,it cannot perform to expectations.This brain-to-nerves,aka data-to-model,analogy explains in part why nearly one-third(31%)of respondents cite an increased use of AI on the technical side as a driver for data growth in their organization.On the project side,nearly half(
36、42%)report an upswing in data-driven and analytics-driven business projects require more data.Another eye-popping revelation is that despite the huge risks in failing to comply with data privacy laws worldwide,theres a real lack of dedicated leadership at most organizations.Only 8%said that a CPO is
37、 leading privacy initiatives,but for most its a corporate leader or an IT leader-and not even an executive IT leader.There are more IT managers 12%leading privacy than there are 8%CPOs.Oddly,while theres little to no consensus on how to manage data privacy,there is agreement on the importance of dat
38、a sustainability driven in large part by the upswing in AI adoption.“Companies are realizing that storing and processing data,especially with AI,can use a lot of energy.So,its great to see them focusing on building more energy-efficient data centers and exploring greener and more sustainable ways to
39、 store data,”said Teater.An overwhelming 92%of respondents acknowledge at least that sustainability should be a factor and of that group,39%said that its already an essential part of their data management practice.PREVIOUSNEXTNovember 2024|Page 92024 The State of Data Management,Privacy,and Governan
40、ceKey Findings:16%of respondents are managing more than 10PB of data.This is a jump from 9%in last years survey.Over one-third of respondents said the amount of data they manage has increased by 25%or more in the past year.31%of respondents cited an increased use of AI as a driver for data growth in
41、 their organization.60%of respondents said“privacy regulation”was a top driver for data governance programs,coming in as the No.1 response.34%of respondents said“data ethics/corporate responsibility”was a top driver for data governance programs.Only 8%of respondents said the chief privacy officer is
42、 leading their data privacy efforts.92%said environmental sustainability is playing or should play a role in data management practices.Two out of three respondents(67%)are confident that their organization is compliant with all necessary privacy regulations.Yet only half of respondents(51%)are confi
43、dent in their organizations ability to pay a fine and withstand sanctions if they violate a privacy regulation.36%reported that a data privacy assessment is now a part of their technology acquisition process.PREVIOUSNEXTNovember 2024|Page 102024 The State of Data Management,Privacy,and GovernanceRes
44、earch SynopsisSurvey Name:The 2024 InformationWeek State of Data Management,Privacy,and Governance Survey Survey Date:August 2024Primary Region:North America,with some worldwide representation Number of Respondents:152 IT executives,management,and cybersecurity professionals who are involved in the
45、administration,storage,management,or governance of data or the management,planning,or enforcement of data privacy or data governance for their organizations.The margin of error for the total respondent base(N=152)is+/-7.9 percentage points.Methodology:InformationWeek surveyed IT and cybersecurity ex
46、ecutives,directors,managers,and staff.Respondents were screened to qualify for the survey as working on data governance or data privacy projects or leading data governance or data privacy efforts.The survey questions asked about asked about data management,governance,and privacy at a representative
47、sample of organizations.The survey was conducted online.Respondents were invited to participate via email invitations containing an embedded link to the survey.The emails were sent to a select group of Informa Techs qualified database;Informa is the parent company of InformationWeek.Informa Tech res
48、earch was responsible for all aspects of survey design,administration,data collection,and data analysis.These procedures were carried out in strict accordance with standard market research practices and existing US privacy laws.PREVIOUSNEXTNovember 2024|Page 112024 The State of Data Management,Priva
49、cy,and GovernanceIntroductionData is the brains behind every organi-zation.It is the driver of decisions,pro-cesses,and profits.Yet,this most valu-able of all assets is commonly treated as if it were the cheapest of commodi-ties.Perhaps that perception stems from the fact that data is quite literall
50、y everywhere and its piling up higher and higher every day.In last years report,9%of those we surveyed said that they were managing over 10PB of data.This year,the InformationWeek Data Management,Governance and Privacy survey found that number al-most doubled,jumping to 16%.But what accounts for tha
51、t soaring growth of data under management?“Im convinced that its a combina-tion of both data hoarding and new data growth.While organizations are generating more data than ever be-fore,theres also a tendency to retain data for longer periods,often without a clear purpose.This can lead to data clutte
52、r and increased storage costs,”said Brian Teater,a survey participant and the IT Manager at EXP.In the survey,42%of respondents cited“data-driven analytics projects”as the primary driver behind their data growth while 31%blamed“more use of AI.”But some of the data growth can be attributed to more hu
53、man-based rea-sons like turf protection,said one re-spondent.“In organizations who do not have shared,enterprise data plat-forms there is a lot of duplicate data because each internal organization keeps their own and wont share it,”said Michele Thomas,co-founder and CISO of TrustedTec.Even so,theres
54、 obviously some data sharing going on.According to the survey,nearly half of respondents(48%)reported sharing data daily,and 22%said they share data weekly.Whether newly created,newly ac-quired,duplicated,siloed,or captured in corporate politics,data growth shows no signs of slowing.According to Sta
55、tista,the“volume of data/infor-mation created,captured,copied,and consumed worldwide”will jump from 120 zettabytes in 2023 to 147 zettabytes in 2024 and soar to 181 zettabytes in 2025.A zettabyte is equal to a billion terabytes.How can something so ubiquitous have such a high value?The reasons are a
56、lmost as infinite as the number of bytes that are collected and stored every day.Even so,cashing in on that value remains frustratingly elusive for many companies.“Its like the person who tries to eat the whole elephant in one bite,chokes,and then wonders why things failed.Working on a data gover-na
57、nce plan will help organizations to identify where their data is,what is it,what its used for,what can be shared,what cannot be shared,what metadata is necessary to keep and share,how much data is duplicat-ed,where the data is stored,where data should be stored,and who can access,change,delete the d
58、ata,”said Thomas.The No.1 factor driving data govern-ance initiatives?Privacy regulations,cited by 60%of respondents.Over one-quarter of respondents also said that compliance with non-privacy reg-ulations was a leading driver.Maybe then its appropriate that data governance initiatives are most often
59、 led by chief compliance officers(13%).chief data officers(8%)and chief data governance officers(7%)do rank high on the list as well.However,privacy pros hardly make the list-not even when it comes to running data privacy.More on this to come.PREVIOUSNEXTNovember 2024|Page 122024 The State of Data M
60、anagement,Privacy,and GovernanceData Privacy Goes PublicTheres no doubt that privacy is a huge issue in the publics eye.As with governance,the No.1 driver of data privacy initiatives is compliance with data privacy regulations,named by two out of three(66%)respondents(Figure 1).The wide variety of r
61、egula-tions that respondents must comply with is staggering in terms of compli-ance requirements,complexities,con-flicts between jurisdictions,and perils and penalties.Further,the uncertainty theyre experiencing because of the possibility of even more such laws is causing changes in spending:26%said
62、 theyve increased privacy spend-ing,while 9%said they decreased it.The US Health Information Portability and Accountability Act(HIPAA)is by far the most important to our survey respondents,named as important or essential by 65%(Figure 2).But about one-third of respondents said they must comply with
63、everything on a list of 19 regulatory requirements.The list included state,federal,and inter-national privacy laws(from India,the UAE,Brazil,China,and others).And in addition to privacy legislation,it in-cluded industry-specific regulations,like on financial data.“With all the new data privacy rules
64、 like GDPR and CCPA popping up,its like trying to hit a moving target.Its defi-nitely challenging,but it also opens up new opportunities for businesses to do things better,”said Teater.(He re-fers to the European Unions landmark General Data Protection Regulation and to Californias trend-setting sta
65、te legislation,the California Consumer Privacy Act.)Regulation is by far the leading driver(66%),but the other top five on a list of are customer demands for privacy are increasing(40%),cybersecurity risks(40%),ethical reasons/corporate re-sponsibility(37%)and AI creates new data privacy risks(37%).
66、Some respon-dents also indicated that they are chang-ing their privacy investments-some in-creasing spend,others decreasing it-in order to address users or third parties complaints(see Figure 1).Despite this quagmire of perils and penalties,the lack of fixed leadership to oversee data privacy is hap
67、hazard.Data Privacy DriversWhat is driving privacy initiatives at your organization?Compliance with privacy regulations demanding more privacy Customer demands for privacy increasing Cybersecurity risksEthical reasons,corporate responsibility AI creates new privacy risks Uncertainty over how new law
68、s may impact privacy are causing company to INCREASE privacy investments Business leadership making data privacy a greater focus Internal user demands for privacy are causing company to RAISE privacy standards Third-party partner demands are causing company to RAISE privacy standards Growing demands
69、 from staff and potential staff for privacy Uncertainty over how new laws may impact privacy are causing company to DECREASE privacy investments Third-party partner complaints are causing company to LOWER privacy standards Internal user frustrations for privacy are causing company to LOWER privacy s
70、tandards Note:Multiple responsese allowedData:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 202366%40%40%37%34%26%25%21%20%12%9%8%5%73%43%60%N/AN/A25%32%N/AN/A24%12%N/AN/A20242023Figure 1PREVIOUSNEXTN
71、ovember 2024|Page 132024 The State of Data Management,Privacy,and GovernanceOnly 8%said that a chief privacy offi-cer is leading privacy initiatives(Figure 3).For most its a corporate leader or an IT leader-and not even an execu-tive IT leader.There are more IT man-agers(12%)leading privacy than the
72、re are CPOs.Balancing data privacy versus the corporate demands for data collec-tion continue to be a challenge.Only 38%said it was relatively easy(Figure 4).Curtailing the types and amount of data collected is one way to make these efforts more manageable.“Organizations and their leadership should
73、stop thinking about grabbing all the data they can,and instead look at the business use case,the value of the data use,and the invest-ment required to do whats proposed,”said Thomas.Nixing personal data in particular is gaining traction as a prime way to mitigate some of the risks in data privacy la
74、ws.“My organization is currently taking steps to reduce the amount of per-sonal data we collect.Were conduct-ing regular audits of our data collec-tion practices to identify areas where we can minimize the data we collect and retain.Were also implementing data minimization principles to ensure that
75、we only collect the data necessary to achieve our business objectives,”said Teater.Data Pileups and Backups Data is quite literally everywhere and piling up higher and higher every day.Last year 9%of those surveyed said that they were managing over 10PB of data.This year the survey found that number
76、 almost doubled,jumping to 16%(Fig-ure 5).More than four in 10(42%)of re-spondents cited data-driven analytics projects as the primary driver behind their data growth,while 31%blamed more use of AI(Figure 6).“Organizations are actively seeking to obtain more data to feed AI projects.While AI can cer
77、tainly reuse existing data,the quality and quantity of data can significantly impact the accuracy and effectiveness of AI models.My or-ganization as well as many other com-panies are investing in data acquisition strategies to ensure they have the nec-Figure 2Importance of RegulationsPlease rate the
78、 importance of these regulations to your business.1 Rarely comes up 2345 Compliance is essential Not sure HIPAA(U.S.Health Insurance Portability and Accountability Act 18%5%7%11%54%5%PCI-DSS(Payment Card Industry Data Security Standard)16%7%11%11%44%11%(SOX)Sarbanes-Oxley 17%7%8%15%42%11%GDPR(E.U.Ge
79、neral Data Protection Regulation)20%8%12%13%41%6%CCPA(California Consumer Privacy Act)18%5%11%16%37%13%Other U.S.state-specific privacy legislation 18%8%13%13%37%11%FISMA(Federal Information Security Management Act)16%7%9%21%36%11%COPPA(Childrens Online Privacy Protection Act)24%9%8%13%36%10%NYDFS C
80、ybersecurity Regulation(23 NYCRR 50)20%6%9%18%30%17%UK:Privacy and Electronic Communications Regulation 34%9%7%8%28%14%(GLBA)Gramm Leach Bliley Act 20%9%6%17%27%21%Trans-Atlantic data transfer rules(EU-U.S.Data Privacy Framework)33%7%8%11%26%15%UK:Data Protection Act 34%9%8%12%25%12%Canada:PIPEDA(Pe
81、rsonal Information and Protection and Electronic Documents Act)39%3%8%12%24%14%UAE:Protection of Personal Data Law 38%8%5%8%24%17%India:DPDPA(Digital Personal Data Protection Act,2023)40%6%5%10%22%17%Australia:Privacy Act 41%5%5%12%21%16%Brazil:LGPD(Lei Geral de Proteo de Dados Pessoais)42%3%5%9%21%
82、20%China:PIPL(Personal Information Protection Law)41%5%7%13%17%17%Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 2024PREVIOUSNEXTNovember 2024|Page 142024 The State of Data Management,Privacy,and Governanceessary resources
83、 to drive their AI initia-tives,”said Teater.Data pileups and increased AI use are also driving data sustainability initia-tives,with a few exceptions.“The impact is in what it takes to store data and how to get to it.AI and quan-tum computing have both demon-strated that there is a lot behind the c
84、urtain and decisions should be made realistically and cautiously.Sustain-ability is a good thing.Understanding what you really need can help deter-mine if sustainability is a decision point or not,”said Thomas.Besides the costs and risks in storing a lot of data are similar issues in manag-ing this
85、data,backing it up,securing it,and retrieving such large quantities on demand,particularly in an emergency.Cloud(63%)and disk backups(47%)are the leading tools applied in storing and recovering backups,followed by data encryption(39%),data loss pre-vention(30%),and tape backups(28%).Note:We did not
86、specify a difference between tape and tape-as-a-service,but we will do so in future surveys(Figure 7).Respondents cited a wide variety of tools for managing data privacy as well.The top three were no surprises:encryption(72%),VPNs(60%),and identity and access management(46%).However,other fundamenta
87、l tools made the list,like records man-agement(27%),as did some special-ized or emerging technologies,includ-ing identity security platforms(20%)and synthetic data(13%)(Figure 8).“People usually think of data as sepa-rate from cybersecurity.To me they are so close as to almost be directly related.Pe
88、ople talk about breaches-a cybersecurity thing,right?-but do you really realize that most breaches arent for the hell of it.No,they are to get to the data and steal it.Thats data pri-vacy and data protection.In the public sector where Ive worked,data protec-tion was a cybersecurity partnership,”said
89、 Thomas.Data Privacy LeaderWho leads data privacy at your organization?CEO/president or similar corporate leaderIT directorIT managerChief information security officerChief information officerChief privacy officerChief compliance officerChief technology officer Cybersecurity or IT security director
90、Chief data officer Data governance director Data privacy director/manager Cybersecurity or IT security manager Chief data governance officer Chief digital officer Chief finance officer Chief risk officer Data governance manager Database administrator(DBA)Legal department Data:InformationWeek survey
91、of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 202312%12%12%11%10%8%5%5%5%3%3%3%2%1%1%1%1%1%1%1%9%N/AN/A18%17%8%6%11%N/A6%N/AN/AN/A2%N/A3%0%N/AN/A4%20242023Figure 3PREVIOUSNEXTNovember 2024|Page 152024 The State of Data Mana
92、gement,Privacy,and GovernanceThe AI Energy Crisis and Data SustainabilityWhen it comes to sustainability,an overwhelming 92%of respondents ac-knowledged at least that sustainability should be a factor,and of those people,39%said that its already an essential part of their data management prac-tice(F
93、igure 9).While the data center industry has been working on sustain-ability improvements for some time,its the sudden and soaring adoption of generative AI that is causing the IT industry to redouble efforts.Recently,Sam Altman,CEO of OpenAI,which makes the now famous Chat-GPT chatbot,admitted at th
94、e World Economic Forums annual meeting that AI is headed for an energy crisis.Considering that all forms of AI,includ-ing generative AI,are data-dependent for their performance,its imperative to consider the environmental costs of storing the huge data hordes that an army of AI models will need.Henc
95、e the renewed drive to make data man-agement,storage,and governance more sustainable too.Even so and somewhat shockingly,only one-quar-ter(25%)of respondents reported us-ing data governance management platforms(previously cited in Figure 8),and only 39%reported revisiting or revamping their data ret
96、ention policies(Figure 10).“Most organizations do not employ data governance.Its not lip service as much as not understanding what their data posture is or what their data infrastructure looks like.Until they do,they cant protect it sufficiently,much less use it for AI,”said Thomas.How we think abou
97、t and use AI and data requires a rethink.Its either that or watch one AI project after another run out of gas.“Many organizations dont use data governance to help determine if they need a large language model or a small one.So most just opt for large;they have more than they need and spend a lot of
98、money on storage space.This can also slow processing down with the more data to look at.Using a governance model can help identify data ownership,use,how its managed,and whether the business use case warrants a large or small data set,”said Thomas.The energy drain from data centers is no joke.Accord
99、ing to The Internation-al Energy Agency(IEA)report,“after globally consuming an estimated 460 terawatt-hours(TWh)in 2022,data centers total electricity consumption could reach more than 1,000 TWh in 2026.This demand is roughly equiv-alent to the electricity consumption of Japan.”Figure 4Data Privacy
100、 Confidence StatementsPlease tell us how much you agree or disagree with the following statements.Strongly disagree Disagree Neutral Agree Strongly agree I am confident in my companys ability to respond to a courts e-discovery demand 3%6%25%44%22%Improvements in data quality have increased the value
101、 of data and helped us reach business goals 5%5%24%46%20%I am confident in my companys ability to fulfill individu-als lawful privacy requests3%9%22%47%19%My organization is valuing my skills more and more 6%7%27%45%15%I am confident that my organization is compliant with all necessary privacy regul
102、ations 2%9%22%54%13%My public-facing websites do an adequate job of letting users manage their personal data and privacy rights 3%11%26%47%13%Improvements in data privacy have helped us reach business financial goals 6%11%34%38%11%My developers apply the“privacy by design”principle 5%11%34%40%10%My
103、company is using data storage resources efficiently 3%15%22%51%9%I am confident in my organizations ability to pay a fine and withstand sanctions if we violate a privacy regula-tion 7%11%31%42%9%My organizations data practices are rarely impacted by socio-political events 5%23%27%36%9%Its easy to ba
104、lance data privacy and business demands for data collection 7%30%25%29%9%My company has a solid plan for handling a major in-crease in the amount of data 5%13%24%50%8%Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 2024PREV
105、IOUSNEXTNovember 2024|Page 162024 The State of Data Management,Privacy,and GovernanceData Volume Being ManagedWhat is the total amount of data being managed by your organization?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in A
106、ugust 2024,and 235 in August 2023Less than 10 TB 10 to 99 TB 100 to 499 TB 500 TB to 1 PB 2 to 5 PB 6 to 10 PB Over 10 PB Dont know 14%9%5%16%8%2024202315%17%17%12%10%5%9%18%16%18%12%Figure 5Data Growth DriversWhat are the main reasons why this has increased?More data-driven and analytics-driven bus
107、iness projects have demanded it More use of cloud computing has enabled it Data retention policies require it Increase in use of AI Our business has grown Increase in online meetings,including video conferences Usual,natural accumulation over time Data is an asset for our company to trade in,so we c
108、ollect more Increase in use of video(excluding video conferences)Increase in imaging,and/or image sizes Increase in messaging Our data governance needs work There are now fewer restrictions on users usage Were simply not deleting enough Base:122 and 176 respondents who reported an increase in the am
109、ount of data managed.Note:Maximum of five responses allowedData:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 202342%39%34%31%29%27%23%21%20%20%17%16%16%12%50%35%30%N/A23%26%N/A25%9%N/A13%13%9%12%2024
110、2023Figure 6AppendixPREVIOUSNEXTNovember 2024|Page 172024 The State of Data Management,Privacy,and GovernanceFigure 7Data Backups and RecoveryHow do you handle data backups and recovery in your current system?Backup and recovery:cloud Backup and recovery:disk Data encryption Data loss prevention(DLP
111、)Backup and recovery:tape Incident response plan Identity and access management Physical security controls Change management processes/tools Endpoint detection and response Document management system Network segmentation Data protection platform End user cybersecurity awareness training Cyber insura
112、nce Cyber-resilient software engineering GRC(governance risk compliance)processes/tools Patch management processes/tools Risk analysis and risk management process Zero-trust network access Cyber ambassadors DRaaS(disaster recovery as-a-service)Emergency services and protocols Analog back-up systems(
113、pen and paper,mechanical credit card swipers,etc.)Budget set aside for ransom payments SASE Note:Multiple responses allowedData:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 202463%47%39%30%28%22%20%20%19%19%17%16%16%16%15%15%
114、15%13%13%13%11%10%9%8%8%7%PREVIOUSNEXTNovember 2024|Page 182024 The State of Data Management,Privacy,and GovernanceFigure 9Environmental Sustainability in Data Efficiency EffortsDoes environmental sustainability play a part in your effort to use data more efficiently?Data:InformationWeek survey of 1
115、52 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 2023Yes,its essential Not much yet,but the push for sustainability is helping us push for efficient data management No,but it should No,why would it?16%8%2024202339%37%19%12%35%34%F
116、igure 8Tools to Enhance Data Privacy and GovernanceWhich of the following tools and techniques are you using to enhance data privacy and governance?Encryption VPNs Identity and access management Multi-factor authentication Data backups:cloud Data management platforms Data backups:disk Privacy manage
117、ment platforms Records management platforms Obfuscation/data masking Anonymization tools Data governance management platforms Data segmentation Master data management Pseudonymization/tokenization Consumer identity and access management Identity security platform GRC platformConfidential computing/t
118、rusted execution environments Consent management platform Data de-identification Data backups:tape Synthetic data Note:Multiple responses allowed.Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 202
119、372%60%46%38%35%34%31%28%27%25%25%25%24%23%22%21%20%20%18%17%15%14%13%78%70%60%N/AN/A33%N/A30%27%31%34%31%30%20%19%26%N/AN/A31%24%N/AN/A9%20242023PREVIOUSNEXTNovember 2024|Page 192024 The State of Data Management,Privacy,and GovernanceFigure 10Policies to Address Data Privacy What policies and proce
120、dures have you taken to address data privacy,data governance,and data security?Increased training Increased automation Improved our data quality efforts Revised our data retention procedures Made data privacy a part of our technology acquisitions process Increased budget Ensured privacy impact asses
121、sments are completed before all IT projects Instituted a data privacy policy Reduced the amount of personal data we collect Made consent forms more user-friendly Increased staff Rearchitected infrastructure Changed our use of cookies Reduced our use of employee tracking tools Reduced our tracking of
122、 location data Reduced our use of facial recognition,other biometric identification Note:Multiple responses allowedData:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 202352%47%46%39%36%32%28%26%24%23%
123、23%17%12%11%9%5%63%41%46%37%36%36%27%N/A32%21%27%14%13%12%10%9%20242023PREVIOUSNEXTNovember 2024|Page 202024 The State of Data Management,Privacy,and GovernanceFigure 11Data Governance DriversWhat is driving data governance at your organization,or which of these are part of your data governance appr
124、oach?Privacy regulations Data-driven decision making Provides basis for stronger cybersecurity and data protection Data ethics,corporate responsibility Need to improve operational efficiency Want to meet industry standards Increases the value of our data Using data storage more efficiently Demands f
125、or better data quality Other data regulations(not related to privacy)Enhancing customer experiences and user experiences Customers are demanding it Makes disaster recovery and business continuity smoother Integration of shared data ecosystemsInternal users are demanding it AI governance or other AI-
126、related needs Makes e-discovery easier/court requirements Third-party partners are demanding it Insurance policies require it Environmental sustainability goals Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 23
127、5 in August 202360%54%38%34%33%32%31%29%29%27%26%25%21%20%17%15%13%13%13%10%69%41%49%N/A43%N/A29%33%26%28%28%15%N/A20%N/AN/A15%N/AN/AN/A20242023PREVIOUSNEXTNovember 2024|Page 212024 The State of Data Management,Privacy,and GovernanceFigure 12Data Privacy Reporting StructureWhom does the person leadi
128、ng data privacy report to?CEO/president or similar corporate leader Chief information officer IT director Chief compliance officer IT manager Chief information security officer Chief privacy officer Chief data officer Chief technology officer Chief finance officer Chief operating officer Chief data
129、governance officer Chief digital officer Cybersecurity or IT security director Cybersecurity or IT security manager Chief risk officer Data governance director Database administrator(DBA)Legal department Data:InformationWeek survey of 152 professionals involved in data management,governance,data sec
130、urity,or data privacy in August 2024,and 235 in August 202342%11%6%5%5%4%4%3%3%3%3%1%1%1%1%1%1%1%1%36%8%N/A6%N/A7%2%6%7%3%7%2%N/AN/AN/A0%0%N/A3%20242023PREVIOUSNEXTNovember 2024|Page 222024 The State of Data Management,Privacy,and GovernanceFigure 13Data Governance LeaderWho leads data governance?Ch
131、ief compliance officer CEO/president or similar corporate leader IT director Chief information officer Chief data officer Chief data governance officer Chief information security officer Chief technology officer Chief digital officer Cybersecurity or IT security director Data governance director Dat
132、a governance manager IT manager Cybersecurity or IT security manager Database administrator(DBA)Chief finance officer Chief risk officer Chief privacy officer Legal department Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in Aug
133、ust 2024,and 235 in August 202313%11%11%10%8%7%6%5%4%4%4%4%3%3%2%1%1%1%1%9%6%N/A17%9%11%10%14%N/AN/AN/AN/AN/AN/AN/A2%1%1%5%20242023PREVIOUSNEXTNovember 2024|Page 232024 The State of Data Management,Privacy,and GovernanceFigure 14Data Governance Reporting StructureWhom does the person leading data go
134、vernance report to?CEO/president or similar corporate leader Chief information officer IT director Chief compliance officer Chief data officer Chief data governance officer Chief information security officer Chief operating officer Chief technology officer Data governance director Chief finance offi
135、cer Cybersecurity or IT security director IT manager Legal department Chief digital officer Chief privacy officer Data governance manager Database administrator(DBA)Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,an
136、d 235 in August 202343%11%7%7%5%3%3%3%3%3%2%1%1%1%1%1%1%1%36%10%N/A5%4%3%4%7%5%N/A3%N/AN/A2%N/A4%N/AN/A20242023PREVIOUSNEXTNovember 2024|Page 242024 The State of Data Management,Privacy,and GovernanceFigure 15Data Management LeaderWho leads data management?Chief data officer IT director Chief inform
137、ation officer CEO/president or similar corporate leader IT manager Chief technology officer Data governance director Chief digital officer Data governance manager Chief compliance officer Chief data governance officer Cybersecurity or IT security director Cybersecurity or IT security manager Chief f
138、inance officer Chief information security officer Database administrator(DBA)Chief operating officer Chief privacy officer Chief risk officer Legal department Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235
139、in August 202318%15%13%9%8%6%4%3%3%3%3%3%2%1%1%1%1%1%1%1%16%N/A25%8%N/A14%N/AN/AN/A1%5%N/AN/A3%9%N/A0%0%0%2%20242023PREVIOUSNEXTNovember 2024|Page 252024 The State of Data Management,Privacy,and GovernanceFigure 16Data Management Reporting StructureTo whom does the person leading data management rep
140、ort?CEO/president or similar corporate leader Chief information officer IT director Chief compliance officer Chief data governance officer Chief digital officer Chief data officer Chief information security officer Chief operating officer Chief technology officer IT manager Chief finance officer Chi
141、ef privacy officer Cybersecurity or IT security director Cybersecurity or IT security manager Data governance director Database administrator(DBA)Chief risk officer Data governance manager Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data p
142、rivacy in August 2024,and 235 in August 202341%12%7%6%3%3%3%3%3%3%3%1%1%1%1%1%1%1%1%40%11%N/A2%1%N/A6%6%5%7%N/A3%2%N/AN/AN/AN/A0%N/A20242023PREVIOUSNEXTNovember 2024|Page 262024 The State of Data Management,Privacy,and GovernanceFigure 18Figure 17Figure 19Structured Versus Unstructured DataUsing you
143、r best estimate,what percentage of your data is structured vs.unstructured?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 2023Structured(databases and transactional data)Unstructured(office docume
144、nts,images,and raw data stored as flat files)2024 Average Percentage2023 Average Percentage58%42%55%45%Frequency of Sharing DataHow often do you need to share your data with others both internally and externally?Data:InformationWeek survey of 152 professionals involved in data management,governance,
145、data security,or data privacy,August 20242024 Average Percentage48%5%6%1%4%22%14%Daily Weekly Monthly Less often than monthly On an ad hoc basis Other N/A Data GrowthThinking back to the total amount of data managed you answered previously,approximately how much has the amount changed in the past 12
146、 months?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy inAugust 2024,and 235 in August 2023Increased by over 100%Increased by 75%to 100%Increased by 50%to 74%Increased by 25%to 49%Increased by 10%to 24%Increased by 5%to 9%Stayed
147、about the same Decreased by 5%to 9%Decreased by 10%to 24%Decreased by 25%to 49%Decreased by 50%or more 18%3%19%26%17%1%1%1%1%2024202313%22%4%4%9%1%1%1%18%25%15%PREVIOUSNEXTNovember 2024|Page 272024 The State of Data Management,Privacy,and GovernanceFigure 21Figure 20Request for Users Private DataHav
148、e law enforcement or government agencies requested you turnover users private data in the past 12 months?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 2023Yes,employees data Yes,customers or thir
149、d parties data Yes,data for a mix of internal and external parties No Not sure23%55%202420236%7%9%26%5%6%6%57%Complying with Request For DataDid you comply with the request for data?Base:33 and 37 respondents who have had request for private dataData:InformationWeek survey of 152 professionals invol
150、ved in data management,governance,data security,or data privacy in August 2024,and 235 in August 2023Yes,completely Yes,in part NoNot sure6%55%2024202372%22%62%30%57%5%3%PREVIOUSNEXTNovember 2024|Page 282024 The State of Data Management,Privacy,and GovernanceFigure 23Figure 22Change in Data Requests
151、Have these types of requests for data increased or decreased in the last 12 months?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy in August 2024,and 235 in August 2023Increased considerably Increased slightly Remained the same De
152、creased slightly Decreased considerably Not sure2024202337%32%4%21%2%4%50%20%5%20%2%4%Respondent Job TitleWhich of the following best describes your job title?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 2024IT/cybersecu
153、rity director/managerIT operations CIO/CTO/Chief analyticsCEO/president/CFOIT/cybersecurity staff Engineer Chief compliance,data,digital officerCSO/CISOConsultant VP of IT or cybersecurityDeveloper/AppDev/DevOps Other 62%12%14%23%8%10%6%4%3%6%10%2%2%PREVIOUSNEXTNovember 2024|Page 292024 The State of
154、 Data Management,Privacy,and GovernanceFigure 25Figure 26Figure 24Respondent Company SizeHow many employees are in your organization in total?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 2024 10,000 or more 5,000 to 9,99
155、9 1,000 to 4,999 100 to 999 Fewer than 100 No answer62%20%24%11%24%21%1%Respondent IndustryWhat is your organizations primary industry?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 2024Consulting/business services IT vend
156、or Government Healthcare/medical Financial services/bankingTelecommunications/ISPs Non-tech manufacturingConstruction/engineering Education Chemicals,electronicsBiotech/pharmaceutical Media/entertainment Non-profit Retail/e-commerce Logistics/transportation Other 62%9%7%11%11%11%4%3%5%5%5%3%3%3%3%9%
157、8%Respondent Company RevenueWhat is the annual revenue of your entire organization?Data:InformationWeek survey of 152 professionals involved in data management,governance,data security,or data privacy,August 2024$5 billion or more$1 billion to$4.9 billion$500 million to$999.9 million$100 million to$499.9 million$50 million to$99.9 million$6 million to$49.9 million Less than$6 million Government/nonprofit Dont know/decline to say 62%13%6%19%10%12%12%8%13%7%PREVIOUS