Policy management relevant to data exchanges with third parties. How are you doing it and who is responsible for enforcing and maintaining those policies?

1.5k views2 Comments

Sort by:

Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotecha year ago

Really have seen the shift away from CIO to General Counsel/CCO.

Field Chief information Security Officer (CISO) for Public Sector & Client Advisor in Finance (non-banking)a year ago

In the public sector, especially in state and local governments, this policy management role has traditionally been under the Chief Information Officer (CIO). In many cases there has been a policy team that works with the procurement organization(s) that ensure that the right contract language is contained in statements of work and requests for proposals.

Also, governance and enforcement of compliance with these policies and industry standards has been under the CISO, CTO, Chief Privacy Officers (CPOs) and other tech leaders who also ensure that policies, standards are procedures are up-to-date and relevant.

That being said, many public sector organizations are adding Chief Data Officers (CDOs) that do not necessarily report to the CIO. In some cases, these CDOs are in business areas or report to other senior leaders.

Content you might like

Which cybersecurity metrics do you currently use with your board?

We use Microsoft PowerBI extensively at the company. Over 15,000 reports.
For our "corporate" reports, like financials or HR, we centralize those requests and attend them with my team.
We currently "extract" information from multiple systems (ie. SAP, SuccessFactors, CRM, etc...) and put in into a SQL Analysis Services. For interpreting the data we have a Semantics model in PBI.
The problem I see is we can't scale enough to comply with the reporting demands as the semantic model is "unique" and we end up having only one or two developers that can work at a time.
Anyone has an idea how to scale their PBI teams without having to redevelop the semantic model per report?

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

HashiCorp (Terraform, Vault, Packer, etc.)22%

Cloud infra automation (Ansible, Puppet, Chef, etc.)56%

APM (Datadog, AppD, SignalFX, NewRelic, etc.)10%

Others?10%

View Results

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What is your overall attitude towards Edge Computing?

I am a huge fan of this technology20%

I find this technology very useful, yet have some slight doubts64%

I have quite a few doubts about this technology12%

I am not a fan of this technology at all2%

View Results

Policy management relevant to data exchanges with third parties. How are you doing it and who is responsible for enforcing and maintaining those policies?

Sort by:

Content you might like

Which cybersecurity metrics do you currently use with your board?

What's your most indispensable cloud infrastructure tools to use in addition to what you get from GCP, AWS, Azure?

What do you do to recover quickly from early missteps in a new role? How can you keep initial mistakes from coloring perceptions when you’re still trying to establish your reputation at a new organization?

What is your overall attitude towards Edge Computing?

What sets us apart?

RELATED ONE-MINUTE INSIGHTS

CrowdStrike Outage: Impact And Recovery

Data-Driven Customer Experience: Uniting D&A and CX Teams

2024 Marketing Priorities and Challenges: Insights from the Field

Data and Analytics Priorities and Challenges: 2024 Trends

Generative AI and Software Engineering Teams: Adoption and Training

Take Your Insights On-the-Go