Cloud Expo Asia Keynote Theatre

Sponsored by:

Cloud Data Governance: A Strategic Imperative in 2015

Evelyn de Souza

Cloud Security Alliance Data Governance Chair

Data Privacy and Compliance Leader, CTAO Office, Cisco Systems October 2015

• Why Cloud Data Governance

• Data Types

• Data Governance Models

• Business-consumable Data Protection

• Your Call to Action

Agenda

Why Cloud Data Governance?

The State of Data Insecurity

Data Breach Losses$400M – estimated financial losses from 700 million compromised records Source: Verizon 2015 Data Breach Investigations Report

Insider Threats (malicious and accidental) 61% of organizations admit they don’t have the ability to deter an insider threat. Source: SpectorSoft 2014 Insider Threat Survey

Cloud Assets and Rogue File SharesEach worker stores an average of 2,037 documents in cloud storage servicesSource: Elastica 2014

Machine-to-Machine Data Interactions“We expect an increase in cyber attack campaigns initiated by IoT-compromised devices and interconnected systems..” Source: Experian 2015

Cloud is Not a Single Amorphous Model

SaaS

PaaS IaaS

7

Trust Does Not Equal Compliance

Data is Not a One-Size-Fits All Model

CONFIDENTIAL – FOR INTERNAL USE ONLY

Establishing a Data Governance Board

Data Governance Milestones

KPIs and tools for measurements in

place

Sporadicdata issues

communication

Standardized data definitions and rules

in place

Processesdefined by individualtechnology functions

Standardized process per

organization/

Processes are centralized, controlled and measured

Undefined data management

policies

Ad hocprocesses / per data

management

AD HOC MANAGED DEFINED PROACTIVE OPTIMIZINGValue driven

Quantitative management of

data

Real-time analysis and resolution

Continuous process improvements– way of life

Contextual Data Security

12

Making Data Protection Business Consumable

CONFIDENTIAL – FOR INTERNAL USE ONLY

1

Exploring Toolsets for Cloud Data Governance

Steps

2

3

4

http://clouddataprotection.org/cert/

14

Building Beyond Compliance..

Contribute

• LinkedIn Group

Consider joining us on LinkedIn:CSA Cloud Data Governance Working Group

• Mailing List

Our mailing list is hosted on the Cloud Security Alliance listserv:https://lists.cloudsecurityalliance.org/mailman/listinfo/datagovernance

Consider joining our Cloud Data Governance Group on LinkedIn:

CSA Cloud Data Governance Working Group

• Build an Executive Data Governance Board

• Align Governance and Business Priorities

• Continue the conversation with me at evedesouz@cisco.com or on Twitter

Your Call to Action