FountainBlue's July 19 VIP roundtable was on the topic of 'Balancing Privacy, Security and Access'. We were fortunate to have some seasoned executives representing a wide range of industries and perspectives to lead our interactive discussion. Below is a summary of their thoughts and suggestions.
Security is everyone's responsibility.
Make the time to proactively keep your data safe, to learn about threats to your system, network and data.
Comply with corporate, federal, international protocols.
Participate in industry leadership groups to collaborate on security standards which would benefit all.
Practice effective data governance, so that people know what the data is, how it is collected and updated, who has access to it, how it is secured, etc.,
Technology including AI and GenAI is crucial, but humans will continue to oversee and manage security and privacy.
It makes sense to leverage AI to create dashboards of information so that humans can make informed decisions. But it will take a human to make sure that the data reflects accurate, unbiased, relevant information, so that the right decision for the company is made.
GenAI is creating options on what to do, given historical information and current challenges and opportunities, but it takes a human to make a decision among these options, and to deal with the consequences of the choices. It also takes a human to ensure that the right, relevant and accurate data is provided so that appropriate options are created by GenAI.
Below are some general guidelines to help your company maintain a higher security standard.
Practice a 3-2-1 strategy which requires 3 copies of data, with 2 media types (like cloud and disk), with one 'air gap' security measure used to physically isolate a secure computer network from unsecured ones, such as the Internet or unsecured local area networks.
Leverage proactive anomaly detection, security incidents and event management tools to help stay in front of data breaches.
Know what kind of data you have, how it's accessed and updated, who gets access, etc., and manage who updates those protocols and how that is handled.
Use scenario planning to help understand the security, privacy and access risks to the company's equipment, data, facilities, and people.
Below is a list of challenges, which could also be opportunities for those who can provide elegant, integrate offerings:
Native AI platforms may be better equipped to provide more versatile and flexible security management tools and services for client companies as their solution is not built on top of non-native AI applications.
There are huge opportunities as more companies are relying on Open Source security modules for their solutions, but also more challenges as we rely on an active and engaged community of volunteers to ensure individual open source modules remain secure themselves.
Integrating our information into a single source online is more efficient for the user to manage, but also more efficient for hackers to compromise. There are, therefore, opportunities for companies to securely gather information online into a single source *and also* to manage that data so that it remains secure and private.
Technology solutions rely on data, but sometimes, the validity of the data is biased, inaccurate, irrelevant, etc., How do we make sure that the data is the right data to help achieve intended results? What could we do collectively to raise the bar, so that we are working with the right data? There is a huge opportunity ahead, with huge implications.
It's overwhelming to consider the challenges of keeping a company and its data, equipment and people safe, but it's also inspiring to hear the tales of today's executives as they lead and collaborate to keep us innovating and working efficiently while keeping ourselves and our data safe.