Top Business Priorities in 2023: Compliance, Data Security, Data Pipelines and Zero Trust

In today’s ultra-competitive business environment, a company’s ability to distance itself from competitors comes down to data—more specifically, the proficiency with which it can analyze raw data and turn it into market-differentiating insight.

One could argue that data is the most valuable non-human asset a company possesses. And when something’s value rises to unprecedented levels, the efforts to protect it are more aggressive.

In 2023, there will be several trends that further reinforce data’s value. Let’s take a look at those trends and what companies should do in the coming year to address them.

Compliance continues to emerge as a top business priority.

In 2023, five states—California, Colorado, Connecticut, Utah and Virginia—will enact new or updated data privacy laws, and many other states are considering laws of their own. This is in addition to industry regulations and national laws like GDPR. Each data privacy law has varying rigidity and nuances that make compliance complex and confusing.

Now, as more data privacy laws take effect in the U.S. and worldwide, companies that have not taken the appropriate steps to protect data are incurring significant fines. For example, in September, retailer Sephora incurred a $1.2 million penalty for violating the California Consumer Privacy Act (CCPA). Google and Meta are facing a $71.8 million fine for violating South Korea’s data privacy law.

How Companies Should Address This Trend

Forward-thinking companies look beyond compliance to protect data using methods that drastically lower the risk of the eventual breach with a data-centric approach. This approach results in a “fail-safe” posture in which a breach is assumed, but the lost data is unusable, eliminating the prospect of embarrassing disclosure and punitive damages.

Companies will ease the burden of potential noncompliance and reap more rewards from processing their data. Addressing compliance means taking a proactive posture to avoid costly fines, lost business and reputational damage while gaining a competitive advantage over those who take a more reactive approach.

Data security becomes an executive-level concern.

Data is no longer stagnant. It’s being analyzed and shared continuously. The potential for data to yield business insight and protect it is at an all-time high. Given this convergence of usage and protection, businesses will make data protection and security their highest priority in 2023. A recent study found that 62% of respondents expect their security budget to increase by as much as 10% in 2023.

How Companies Should Address This Trend

Forward-thinking companies will explore methods that protect their data no matter how data is being used at the time—intake, analysis, sharing or at rest. In 2023, data security concerns will be a primary motivator for privacy compliance spending. As penalties for noncompliance to privacy legislations emerge more frequently, companies will take notice and make significant investments to protect data.

The concern over potential fines and the business benefits of preserving data privacy while still enabling its utilization are tremendous motivators to dedicate resources to protecting it at all times.

Enterprises will more aggressively transition from traditional data stores to data pipelines.

Companies are generating, ingesting and consuming massive streams of data. This data is critical for business success, as evidenced by the increasing investments in data processing infrastructure and data engineering personnel in corporations.

We will see an accelerated reliance on data pipelines, allowing multiple sources to feed a data warehouse using streaming mechanisms. This method will begin to replace traditional ETL approaches. Due to the increasing awareness of privacy regulations, security auditors will stop these migrations from happening, putting the data engineers in a no-win situation.

How Companies Should Address This Trend

Innovative approaches that allow sensitive data to be de-identified in these streams will gain more prominence, and privacy-enhanced computation techniques that allow data processing without exposing it to infrastructure administrators will become ubiquitous. Companies should begin having conversations about these approaches if they have not already.

Zero trust accelerates advanced data protection methods.

As security professionals work under the assumption that no one can be blindly trusted with sensitive data, organizations go beyond basic security measures for data protection methods. The move to zero trust proves just how incredibly valuable that data is, and it must be protected at all times, whether in transit, in storage or in use.

How Companies Should Address This Trend

Organizations seeking to shrink data risk must adopt an assumed breach posture to make the risk irrelevant. Businesses that understand this will employ proactive protection methods at the record level—which renders data unusable to hackers. This action is both good business and good for business, as they help enhance corporate reputation and build customer trust.

In Conclusion

Data security and privacy preservation are no longer niche IT concerns—they are critical business priorities. As data’s value rises and more data privacy laws are enacted, organizations that do not stay ahead of the curve may find themselves playing catch-up in the years to come. Aggressively addressing data protection and security gaps should be at the top of any company’s to-do list in 2023 if it isn’t already.

 

This article originally appeared in Forbes.