Current manual processes of managing data are too slow and inefficient to keep up with the scale of today’s threats. AI adoption is undoubtedly paving the path for greater data innovation by enabling the ability to collect, access, and gather the most accurate intelligence faster than ever before.
However, it’s not as simple as organizations integrating AI into their operations; the reliance on AI for critical decision-making demands a high level of accountability that prioritizes data integrity alongside ethical and legal standards.
Ryan Miles, Associate Director of Systems Engineering at Nightwing, recently shared his views with SecurityInfoWatch.com (SIW) about how AI adoption has required a shift in data approach and how organizations can integrate AI successfully.
SIW: Why has the adoption of AI required organizations to shift their data approach?
Miles: Manual data management processes are too inefficient to keep up with the pace of today’s threat environment. The rapid advancement of AI and machine learning has enhanced organizations' ability to optimize the speed and scale at which data is analyzed. This allows organizations to get the most value out of their data and drive more automated decision-making. At the same time, this has also introduced certain challenges around data acquisition and how to properly integrate it into existing workflows.
Every organization will need to make the decision of whether they will leverage existing AI models or look at the data they are sitting on and try to augment and train models based on their own data. However, leveraging legacy data can be tricky. It is often outdated and lacks a standardized structure and quality. It also often doesn’t comply with current ethical, policy, or legal standards, as data ownership tends to be unclear.
As a result, organizations must better collaborate across teams to better manage data and maintain its integrity. This requires the right toolsets and framework to manage, manipulate, and coordinate this data.
SIW: How can organizations take steps to shift towards a more cohesive data management strategy?
Miles: A key principle of maintaining data ethics is for businesses to be intentional with the data they leverage for operations. This extends to any personal data as well. For many companies, this will mean reevaluating their data collection.
With this, organizations must keep two critical concepts in mind: data minimization and accountability.
Data minimization is the concept of only harnessing what’s most useful for your organization’s business needs and cutting out unnecessary data collection. Furthermore, data accountability is useful for reducing risk and building trust across internal and external stakeholders. It consists of making privacy a top-level concern, not just an afterthought, through impact assessments, data processing records, and assignment of data privacy officers.
To apply these concepts, many organizations are leaning towards end-to-end data management plans, as seen with the IC Data Strategy and DISA Data Strategy Implementation Plan. Both plans outline a framework that holistically integrates data to drive intelligence outcomes. The core focus is a data-centric architecture that ensures data is discovered, analyzed, and disseminated interoperably and securely every step of the way.
SIW: How have these shifts impacted data team structure?
Miles: A more cohesive data management approach requires a mindset shift across an organization that fosters a data-driven culture. Organizations can no longer afford to operate in silos for many reasons, including that every stakeholder down to the lowest level budget teams must understand why they are implementing AI in case data sets are compromised.
Handling data must be a core skill for every worker, extending beyond just data teams. Achieving this requires leaders to prioritize recruiting a well-trained, knowledgeable, and data-aware workforce to provide relief as data challenges progress.
This entails searching beyond the typical resume, focusing instead on the right characteristics and soft skills (e.g., creativity, critical thinking) that make an individual successful in handling data. When structuring teams, organizations should also consider the increased crossover between data and cybersecurity roles.
As a result of this, we’ll also see a rise in more data-centric positions across teams and the assignment of privacy officers, such as the Data Protection Officer role.
SIW: Why will the Data Protection Officer become more integral to an organization?
Miles: The Data Protection Officer (DPO) has evolved significantly as the rise in AI has introduced complex privacy challenges, such as data bias and the need for transparency in automated decision-making. Alongside managing heightened cybersecurity threats and navigating an expanding regulatory landscape, DPOs now play a crucial role in ensuring AI deployments comply with data protection laws while upholding ethical standards.
This shift demands that DPOs stay abreast of technological advancements and actively shape AI practices to safeguard privacy, making their role more strategic and integral to organizational success. As such, we’ll see an increase in organizations hiring people in this position with the skills and knowledge specifically tailored to their industry needs.
For example, given the dynamic nature of the cybersecurity field, flexibility and a proactive approach to learning and adaptation are key traits needed in this role. Ultimately, the right DPO can ensure that innovations match equally advanced privacy and ethical standards.
SIW: What data management trends can we expect over the next year?
Miles: As organizations assess what steps need to be taken internally in regards to data management and technology, the competition will become all about who can collect, access, exploit, and gain intel the fastest, ultimately giving them the advantages they are looking for. This means leaving behind outdated and inefficient practices and disciplines that have been rooted in so many organizations and taking advantage of the forward-thinking and fast-paced environment to leverage new and cutting-edge practices.
To rise to these present challenges, we will see organizations expand the way in which they collaborate externally and internally and establish more cross industry partnerships.