Key Note:  Aaron Weller  

First Comes Ethics, then Comes Democratization

While allowing broad access to data sounds like a great opportunity - if you consider how valuable that data can be, there is clear risk in democratizing access without appropriate risk management in place, but where traditional risk management doesn't have the answers, what can you do?

Building a culture of responsible data usage with a strong ethical basis within your organization will allow you to both reap the benefits of data democratization and respect personal information in accordance with your organizational goals and those of other stakeholders.  Think beyond compliance and about how to develop and deliver a culture that makes data work for you.

Aaron, a Fellow of Information Privacy, has over 20 years of global experience in security and privacy.  He led PwC's Western US Privacy practice for 5 years, and was the CISO for two multi-national retailers prior to leading GDPR efforts for a major technology company.  He is now VP, Strategy for Sentinel, a privacy technology and consulting company.

Speaker:  Brendon Lynch

Data Privacy: Can you future proof your data governance in a rapidly changing world?

New and updated data privacy rules and regulations are proliferating globally, making the governance of personal data increasingly challenging. At the same time organizations across all industries are transforming digitally and using more and more data to help drive product innovation, employee productivity, operational efficiency and customer connectivity. Data governance programs increasingly need to take account of various privacy requirements around the world while ensuring that those digital transformation benefits can be realized. In this session, you will hear how Microsoft is seeking to deliver a principled, globally-consistent privacy experience to its customers while maintaining compliance with a growing list of privacy and data protection laws around the world. It will also explore the important question of whether a common set of data privacy practices and controls can not only enable compliance with the varying requirements around the world, but can also ‘future proof’ us against what might be on the horizon.

Panel:   A Foundation for Data Democratization

Take advantage of an well informed panel that covers the topic of Data Democratization from a number of perspectives.  Four panel members will exchange light hearted debate on what it will really takes to achieve the goal of Data Democratization based on their respective battle scars.  The audience will gain an appreciation for the trade-offs in privacy, user control, traditional data governance and why “thinking big” isn’t always the answer (but thinking critically is).

Gold Sponsor:  Denodo

Data Democratization with Proper Guard Rails in Place

Speaker: Saptarshi Sengupta

What makes data scientists happy? Of course, data. They want it fast and flexible, and they want to wrangle data themselves. But most classic data warehouses (DW) and data lakes are not easy to deal with for agile data access. A more practical solution is the logical data warehouse (LDW), which has shown to be a more agile foundation for delivering and transforming data and makes it easy to quickly plug in new data sources. When the right data is made available at the right time, it can also make any business user happy too. But does that work for the IT and compliance departments? Self-Service BI promises to remove the bottleneck that exists between IT and business users. The truth is, if data is handed over to a wide range of data consumers without proper guardrails in place, it can result in data anarchy.

Attend this session to learn why data virtualization:

Saptarshi Sengupta is the Director of Product Marketing at Denodo Technologies. He is responsible for leading Denodo's customer marketing, analyst relations, press relations, product marketing and many other aspects of the marketing function. Saptarshi brings in a wide range of industry knowledge including semiconductor, networking, consumer electronics and enterprise software and almost two decades of engineering and marketing leadership experience. Saptarshi holds an MBA from Cornell University and has published two IEEE papers in semiconductor space.

Panel:  The Data Ethics of Emerging Technologies

New technologies have created a surge in the collection, use and volume of data.  Artificial Intelligence (AI) enables the processing of enormous quantities of information, allowing it to identify data patterns and make decisions on a scale and pace beyond what humans can do.  Internet-connected devices (referred to as the Internet of Things or IoT) collect data about their environment constantly, including where people are and what they are doing.  Autonomous Vehicles (AV) use data sets and algorithms to able to travel with less and less human intervention over time.  Facial recognition software makes it easier to identify people quickly and automatically. 

There are tremendous societal, business and individual benefits to these technologies.  But there are also risks and questions.

What are the ethics associated with these technologies?  What happens when inputs and algorithms lead AI to create and reinforce data bias?  What are the privacy and security concerns associated with IoT and facial recognition?  What are the ethical issues associated with AVs that must “decide” how to respond in an emergency?  Are data ethics uniform across technologies or are they specific to each one? 

What duties do the creators of these technologies owe to the people whose data is collected and used, if any?  Will the US answer these questions in the same way as the rest of the world?  How is the law shifting to address these concerns? 

Speaker: Bar Lockwood

Breach Fatigue:  An Opportunity

One of Gartner's 2019 and Beyond Predictions asserts that through 2021, social media scandals and security breaches will have effectively "zero lasting consumer impact." And no wonder! Breaches of millions, and sometimes billions, seem to happen monthly. The so-called Collections #1-5 Megaleak of 25 billion records, representing 2.2 billion unique identities was mocked only a few weeks later by another 620 million records stolen from 16 websites in February 2019. How many times does our private information need to be stolen before it no longer matters?

When it comes to "breach fatigue" we are already there. A recent Harris Poll reported that only 20 percent of respondents said they “completely trust” organizations they interact with to maintain the privacy of their data. Customers don't believe we can keep their data safe. Regardless of the penalty implications of GDPR and CCPA most companies know they are right, some having shockingly proven them so with multiple recent data breaches.

What does it mean when no company can reasonably expect to protect its private data? How does that affect our perception of regulations like GDPR and CCPA that define protection expectations and disclosure penalties? And how can we argue security as a "competitive differentiator" when customers no longer have confidence in protective measures. Where do we go from here?

In this session we'll explore:

Bar Lockwood is a CISA and CISM with industry recognized credits in security integration. She has worked as a Data Governance Lead, SOX Manager, Threat Intelligence Specialist and Security Manager at Microsoft & Premera. Her focus is cross-discipline alignment to achieve optimal security. She currently works as a Principal Product Security Leader at GE Power Grid Computing. She is currently focused on national infrastructure protection and is currently engaged as Principal Product Security Leader at GE Power Grid Computing.

Speaker:  Brian Schrameck

Reducing Data Privacy's Impact on Business Velocity

Privacy is becoming a differentiating characteristic for organizations. Consider Apple, who routinely touts privacy as a strong selling point over their competitors. But when business units that rely on analytics and data science hear the terms “data governance” and “data privacy”, there is often trepidation. “How will these policies affect my analysts and data scientists?” “How much red tape am I going to have to deal with?” Introducing comprehensive governance controls naturally leads to a mandate versus mission argument with some of the enterprise. There are those who want to leverage data democratization to transform and accelerate the business, but are having trouble reconciling that mission with the mandate to ensure governance and privacy.  Reducing the friction between the governance organization and the data consumers, but not at the expense of security and privacy, is key to enabling innovation and organizational velocity.

This talk will focus on the processes and concepts that allow organizations to continue accelerating their differentiation in the marketplace with data, while still adhering to sound privacy and governance principles.

Speaker: Dave Wells

Data Governance in a Changing World

Conventional data governance practices come from a simpler time when data management was free from many of today’s challenges such as agile development and self-service analytics. Traditional data governance focuses first on enforcement of policies and controls. Enforcement continues to be needed, but it should be used as a last resort and not as the first or only governance technique. Adapting old governance practices to support the autonomy and agility of the modern data management world is a must. Modern data governance needs a new approach that:

• Emphasizes prevention and intervention over enforcement
• Reduces complexity with a minimalist approach to policy making
• Manages complexity and advances data literacy through data coaching
• Replaces hierarchical and authoritarian decision rights with collaborative decision models
• Shifts from slow and rigorous change control and issue resolution processes to agile and adaptive change and issue management techniques

We can’t actually govern data; we can only govern what people do when working with data. Recognizing that data governance is more focused on people and culture than on technology can truly change the game. It is practical to implement data governance practices that are not in conflict with agility, speed, self-service, and autonomy.

Dave Wells is Data Management Practice Director at Eckerson Group, a data and analytics research and consulting firm. Over a career of 5 decades he has filled many data management roles including implementer, architect, and manager.  Modernizing data management is Dave’s main focus today as big data, analytics, self-service and other trends reshape the world of data management.