Data Governance: Designing the Right Strategy
Experts Discuss the Requirements for a Good Data Governance PlanWhat does it take to have a good data governance plan? Three experts - Indrani Chandrasegaran, managing director, Accenture Security; Carrine Teoh Chooi Shi, CSO, Bond Holdings; and Estelle Wang, team lead for Singapore Security & Privacy Competence Center, Continental share their thoughts in a panel discussion.
See Also: The Hidden Threat: Understanding Insider Risks
"It is all about establishing an enterprise data governance program by focusing on the three main pillars of people, process and technology. With people, it is about defining the roles and responsibilities and facilitating an enterprise data governance strategy," Chandrasegaran says.
"The main thing about coordination between the business, data and technical teams is that everybody has different objectives and different polices. This is why proper policies and guidelines within the organizations need to be in place so that we are able to filter down the communication problem," Chooi Shi says.
"Security teams should be part of decision-making teams when it comes to privacy policies. Security and privacy teams need to help the organization understand the various privacy laws and mitigate the gaps and implement it at the project level," Wang says.
In a video panel interview with Information Security Media Group, the panelists also discuss:
- How to build a good data governance plan;
- How security teams can create uniform standards across enterprises;
- The best practices for determining who owns data within an organization.
Chandrasegaran leads the applied cybersecurity practice across Southeast Asia. She has more than 20 years of experience in cyber governance and advisory and managed security services in APAC, the Middle East and Europe. Prior to Accenture, she served as the CISO and vice president of cybersecurity services at Infosys Compaz.
Chooi Shi has more than 20 years of experience in engineering technology and cybersecurity. Her areas of expertise are critical national infrastructure - or CNI - protection, standards and privacy. She has vast experience in cybersecurity frameworks, ISO 27001, the Personal Data Protection Act, cyber ethics and critical infrastructure protection.
Wang leads a team that focuses on automotive advanced research projects, consultant projects and security operations projects. She was named one of the "Top 20 Women in Cybersecurity" in Singapore in 2020.