Last year, according to a data risk report produced by Varonis, 53% of companies surveyed discovered that over 1,000 sensitive files were open to all of their employees. Without a robust data governance framework in place, the potential for security issues in the shape of data breaches, cyber-attacks and insider threats is huge, perfectly illustrating just how important it is that you implement robust data protection measures.
As an official certification body backed by the UK Government, CRIBB Cyber Security adopts a security by design approach. We place a tremendous emphasis on data protection and data governance. We have helped many organisations with their security frameworks over the past two decades, and our strong ties in maritime and cruise* has assisted us in creating a framework specifically designed for that industry.
Any organisation unable to account for the data they hold must re-evaluate their approach to data governance.
Define the data you hold into different categories (digital, hard copy etc.) with subsets for each. This will enable you to make the most of it and thereby augment your overall efforts.
Data Governance (DG): What is it?
Quite simply, it is the process by which organisations manage and protect their data. Effective DG can help to ensure consistency in the data held, whilst crucially also acting as a major deterrent against potential misuse through the application of internal data security policies. Nowadays, with a huge emphasis on the adoption of analytics in any business, it is critical that you implement a data governance framework in order to successfully enforce your DG.
5 Reasons why Data Governance is important for your organisation
- Helps to augment your overall efforts with compliance
- Offers protection against cyber-attacks
- Can help to reduce data breaches
- Allows you to make better use of the data you hold
- Can ultimately lead to an improvement in ROI (via a growth in overall efficiency)
5 Considerations for a Data Governance framework
- Are you governed by privacy regulations such as DPA or GDPR?
- The framework must be embraced by all within the organisation so that it is completely effective
- It will take time for this to happen, not to mention additional effort from your teams
- You will need to strongly consider incentivising staff to care about DG
- Choosing the right tools / technology to manage the framework can be difficult – consider conducting research or seeking professional advice
5 Best practices for Data Governance
- Format your data clearly and maintain this format moving forwards
- Identify all data types held and ensure that these are clear to all
- Appoint a chief data officer to oversee your efforts, with a dedicated DG team in place
- Tag all data so that it is easier to analyse
- Use different metrics when evaluating to get the most out of your data
*CRIBB Cyber Security is part of theICEway ecosystem of companies, providing a security by design approach to clients in maritime and cruise for over twenty years.
DPA – The Data Protection Act 1998 (UK)
GDPR – The General Data Protection Regulation (Europe)