 Hello, and welcome. My name is Shannon Kemp and I'm the Chief Digital Officer of DataVercity. We'd like to thank you for joining this this DataVercity webinar, the data trifecta privacy, security and governance race from reactivity to resilience, sponsored today by Anonos. Just a couple of points to get us started due to the large number of people that attend these sessions you will be muted during the webinar for questions we will be collecting them via the Q&A or if you like to tweet we encourage you to share us your questions via Twitter using hashtag DataVercity and if you'd like to chat with us or with each other we certainly encourage you to do so and just to note Zoom defaults the chat to send to just the panelists but you may absolutely change it to network with everyone. To find the Q&A or the chat panels you may click those icons in the bottom middle of your screen for those features and as always we will send a follow-up email within two business days containing links to the slides, the recording of this session and any additional information requested throughout the webinar. Now let me introduce to our speakers for today, Joseph Summer, Awate, Steve Prestige and Gary Lafever. Joseph is the managing director in the data and analytics practice of EY Financial Services Office with 30 years of financial industry and consulting experience. Awate is the vice president of data governance and privacy engineering for Capital One and is a season tech executive who most recently served as global chief data architect for Yahoo. Steve is the chief commercial and innovation officer for Anonos with more than 20 years of experience in digital helping clients use their data to full advantage. And last but not least Gary is the CEO and general counsel of Anonos who's worked at the intersection of law and tech for 35 years, including as a partner at law firm Hogan levels and is an architecture, an Accenture consultant. And today Gary will also be the moderator for our esteemed panel. And with that, I will give the floor to Gary to get today's webinar started. Hello and welcome. Thank you Shannon. So we're excited about being here today. And we want to make it very clear the data trifecta that we're talking about today is actually your privacy, security and governance teams. And I'm going to go over some stats and some other background information as a lead in but then we're going to go into six questions that each of our panelists will answer. And through these discussions with our panelists, you're going to see how providing these teams your privacy security and governance teams with both the technology and the remit to work together enables your organizations to evolve beyond a reactivity to resilience. But even more importantly, particularly in today's times of fears of recession massive layoffs, this data trifecta approach with the right technology and remit can actually lead to increased innovation and profits that are several magnitudes greater than what you have today. Yes, I said magnitudes, not a percentage improvement. So what are we talking about here. We hear a lot of people talk about data is the new oil. Right. But the reality is oil gets used once. And once it's burned once it combust. It's gone. It's no longer around. But with the right data trifecta attitude technology and remit, you actually can change data, not into the new oil, which is really a single use asset, but the new water. And what I mean by that is with water you absolutely have to be careful. Okay, you can use water incorrectly and it could be tainted poisoned, etc. But if you use water correctly, it's generative, it regenerates it replenishes itself. And you'll see through the discussions with our panelists that that's what's possible. So if your organization is willing to adopt a new mindset to challenge what it's done in the past, you actually as I said, can increase your innovation and profits, several magnitudes. So what's the problem and how come more people aren't enjoying these types of productivity gains. There's actually a misconception of widespread misconception, right, that reactive functions, such as privacy security and governance are necessarily at odds with your more proactive functions analytics data innovation. And that attitude is actually a big part of the problem. And these different groups to work together, enable them to do so and give them the tools to do so. The results can be, well, near magical. So let's take a look at some background statistics and research and we want to thank 451 research S&P global market intelligence. This data all comes from their, their research voice of the enterprise data analytics data management analytics review that they did. Here's the interesting thing. Look at the power of what's on the slide. All the things that effective privacy security and data governance can deliver. Right. Who wouldn't want all these things in blue, and certainly the two in purple. Right. Faster speed insight, faster relevancy, higher quality data. So what's the issue. Well, the issue is, this is how those same groups are perceived by the business as impediments as obstacles that have to be overcome. And one of the reasons for this in this, I have to say was one of the results of this analysis I found at first most striking but then as I thought about it, it actually made a lot of sense. Look who actually is responsible for implementing in most organizations, privacy security and governance when you come right down to it. Right. Over 65% of companies delegate that to it. And that's simply not fair. And what I mean by that is it is not tasked with the job and opportunity to enable this kind of expanded data use. IT is more likely to look at the inventory of the tools that they have in place and say yeah I got that. But the reality is the interplay between these different data protection techniques are absolutely critical. And so you can protect data using any one of these techniques. And how effective that protection will be, and how widespread the utility of the data and the fidelity and the timeliness will be for the data users is a very different matter. And so what's needed is to allow these different groups privacy security and governance to work with it. Don't get me wrong. But they need to look what's needed to support each individual data use case. What we look at is the seven universal data use cases. And the reality is what's necessary to protect data and enable data innovation utility and insight are very different for each of these, as are the legal requirements. And so expecting it in and of itself to have the wherewithal and expertise to give you the best test Dev and demo data. Maybe you can accomplish that. But those same tools are not going to allow you to jump up to use case five and share data with service providers, which includes by the way cloud providers, as well as outsourcing. So each of these different use cases requires a different combination of skill sets and techniques. The reality is with the right technology with the right remit to the data trifecta. It's almost like this barista machine. Okay, where the same source data, the same coffee beans can be used to deliver very different outcomes. So what we'd like to refer to this is lean data and what we mean by that is for each of these seven universal use cases. You're delivering just the data that's necessary to meet the needs of the user, no more. There's something this level of granularity modularity and scalability that no one data protection technique can satisfy, but rather a platform approach that enables you to pick and select and actually automates many of the functions to embody and reflect your own organization subject matter expertise does in fact make it possible. So again, we're going to start off with our panelists views we have six different questions we want to ask them. But how many in the organization would not be interested in moving from a mindset that's predicated in many respects outdated approach to protecting data that are incompatible with the new use cases, so that we can have much more effective benefits and fidelity and utility. So as I'll say it again, you can improve and increase your innovation and resulting profits, several fold. So we're very honored to have the three speakers that we have here today we're very lucky. And we're going to start with this question. What do you think this is going to be targeted our first. What do you think about characterizing data is the new water versus the new oil. Do you think it works. What do you think. Hey Gary. Thanks for having me. I certainly certainly do think that it does work. I might actually take that even one level further Gary. I think in some circles, folks have actually heard of me talk about data as the new cappuccino right because it in my sense for the things that I care about. For example, making sure that sensitive information is not. It's, it's taken out of the data and in a manner that doesn't impede the analytical value of the data. It helps to think about it like a cappuccino which in the simplest sense is just milk and and coffee right so and when when you think of the milk as sensitive information and coffee as just the facts in the raw data. You tend to find out that once you've mixed those two things together, they're incredibly hard to kind of separate apart. And what I really love about the image that you shared earlier about the different use cases and the different baristas you I believe you called it the, the lean view on data. It's, it's, it just hits the point right. I'm very interested in making data available for folks to do to leverage for the maximum amount of analytical use cases that our users are consented to, but I'm also super interested in doing that with the least amount of friction possible. So what I really love about adding in just what you need at the right time for the right use case, it kind of goes back to that whole concept of, you know, water having this characteristics of, you know, reusable and available with the right level of quality at the right time. And when you add in milk, like I like to talk about in terms of sensitive information, it really drives home the points that you how you bring in data into your ecosystem is going to be really, really important because once it gets to a certain state it can be hard to bring it back. So hopefully that that touched that point that Gary. Absolutely. Thank you for that I was so Joe from your perspective. What is your experience or thoughts with regard to this approach to data which is selective and and tries to not only maximize its utility and applicability, but doing so in a way that makes it replenishable near inexhaustible. I like the concept a lot, Gary, I think it, it ties into several properties of data that are important for us, you know, to consider. I mean the first thing is that data has value. And so, you know, so does water right. And in fact I could think back to the time when water was considered. It's not that important the idea of buying bottled water. I remember Evian when Evian came backwards a joke among my friends was Oh, Evian spell backwards is naive because who would buy water and bottles when you get such great water so plentiful come from the tabs. Water is ubiquitous right, and that's how data first seen, but then eventually people realize hey water is scarce, orders valuable people built entire businesses around water people have reinvented water with adding vitamins to it and other stuff like that. And, you know, there are economies and industries built solely off of water, which at one point was not considered other than you know and areas where, you know, it's drought regions and that sort of region, you know, it was considered plentiful and maybe not that valuable at all so the idea that one water is it has value and so does data I think it's important. The second thing is that, you know, data and water both take different states right water you can freeze it, it can be liquid it can be steam. I think when it's frozen it's locked down nobody could get to it. When it's steam, it's leaking out of the organization and anybody can get to it. So we want to get the water that liquid form so we can use it we can transport it. And I don't know if anybody's ever had a chance one time I was driving to Maine, and I was near Poland Springs and I was like I like Poland Springs that's pretty good water I'm going to go visit the factory. Let me tell you can't visit the factory they have it locked down like a military complex. They're protecting their data because that's their most important business asset. They also have a fleet of trucks and distribution they ship water and I get a five gallon set of five gallon jugs from Poland spring up in Maine, you know, every, you know, every month. And so they they've solved both the problems of let's protect our water supply which is a valuable asset but let's also have a distribution system that we can safely make it available where it's needed for people in their homes. And I think that's the problem that privacy security and governance are trying to come together. How do we keep our data safe while enabling its usage. Well said Joe. Steve, do you have any other insights or perspectives on this? I'm not sure I can go past that. That was that was very impressive. For me, Gary, it's very simple. It's a great, it's a great level. You know, you see the world is made up of 70% water. And I see the companies that we're dealing with it's all about the data. It's all about how it flows. It's all about how it's, I'm going to redirect it. And I love the idea of this concept of reusability, you know, so reusability of water reusability of data, and ultimately data becoming more of an asset. And Joe said it so well how, you know, water has been, it's been devalued, but now it's highly valued. And I think data is the same thing. So, all of our clients, you know, all of our all of those businesses out there are looking to basically make better decisions, drive higher productivity, stronger business outcomes, and new revenue streams and I feel that the concept of the reusability of data as per water is a great concept. So one of the things that I love about these webinars or podcasts or public speaking is, is I find that adrenaline really helped us to sharpen the mind. And so you've all just heard one another speak to this. I'm going to time you now, I'll give you each 30 seconds to summarize why you think this analogy works, and why you think it'd be helpful for organizations in such a time as we're at. So, go. Why I think the analogy of water versus oil. Well just really boils back to what I said earlier. The data has to flow within the enterprise it has to get to the places where it's going to have maximum utility. And the fact that it's reusable is, you know, at various levels of quality at for different parts of the business. It's actual how it's its own utility in there. In fact, we already talk about data in in terms of water data links data, data streaming, etc, etc. Right. So, I think there's, there is value to businesses, particularly from the perspective of being able to reuse the data asset once it's already been created or or transformed into a data product by another business unit. There are. There's lots of value in thinking of it in that terms, it makes it easier to describe to to the business. Fantastic. Well said, Joe, your turn. 30 seconds. Go. Data has value. Data flows. Data takes different shapes. Data can be used and I'm sorry, water. Right. Water has value. Water flow. See what's such a great analogy I can use the words interchangeably. There you go. Yeah, but it flows it has value it takes different shapes you want to protect it you want to enable usage, its value is increased over time, and industries have been built up around managing water in so many different ways and I think that we're moving to a data where the ability to manage data and just data share data are going to be all key business capabilities much like transportation, logistics, electricity and other things that change the way the world worked previously. Fantastic. So Steven let us always put you at the end so you can't say all the great things that I want Joe say your turn 30 seconds go. So for me, you know I mentioned I think people can't survive without water businesses can't survive without data to be able to flourish in business to be able to survive the usage of data slash water is a requirement. And ultimately if we can do that successfully, we will not become extinct. I love it. Alright, let me interrupt. I think he topped us all with that. I'm telling you, I think the adrenaline of being put on the spot brings out the best of people you all three did fantastic so thank you for that. I think we go with Steve first next time. Alright, so this one we're going to start with Joe. Okay, and the question is really what is the role of collaboration controls and customization for turning no into yes or maybe we could even say from turning oil into water. What's your perspective on this. So this is an area where I've had some experience working with companies that are wrestling with the data dilemma, trying to balance between keeping the data safe and adhering to privacy obligations and reducing risk. All at the same time enabling analytics use cases and a variety of other business needs collaboration between the data office privacy are essential throw in info sec is as well, but definitely between the you know privacy and the data team collaborating to say we both need to go to the business to accomplish certain goals that are relevant to our functional areas. Let's that do let's do that together in a coordinated fashion. It'll save the business some time. And also it'll help us meet our remits to keep the data safe and able to use it to understand what we have now controls become a big part of that by having effective controls in place. Like I've worked with some privacy teams working for the data offices where we've shown that we have effective controls whether it's moving to like granular row column access or ways to transform the data so therefore it's less risky because it's been denied, or because we have the ability to provide the privacy team with reports showing who had access to this data how often they use it and control detecting if there's a, you know have normal usage patterns. So we need to make privacy more comfortable. And then ultimately, this has to be customized the organization's culture, because the real issue here is not technology. It's people. And so we need to get people together to understand how data is how we're keeping it safe, how we're enabling usage that we have the right controls that we don't get ping pong between privacy. I mean I've seen some business groups just pull their hair out they're just trying to solve business problems. And they're going between different functional areas following these kind of manual processes, going back to your point about proactive. If we can make the data available safely and monitor its usage instead of having to put a three month four month manual review process in front of every use case. So that's how I think they tie together. Well said, well said. Do you have any perspective on that as well. Yeah, I was just going to add to that I think you know from a collaboration standpoint, right out the back like one of the biggest problems that you see really doesn't matter what industry you go into is you have data proliferation. And that generally comes from, you know, the fact that this several copies of the same data that I just found all over the entire enterprise, and teams don't generally collaborate on, you know, creating standards right you have multiple standards postal number or a phone number and this this comes from perhaps like a limited amount of collaboration, not increasing that starts getting you know folks to go towards a direction of data products right and domain specific opportunities on on a particular data asset so that you don't have to copy it, or you can leverage existing standard data products to create new data products. On the topic of controls, I would have to agree with Joe in that sense right and I'll just bring it back to kind of what I was, you know, talking about earlier. In this day and age you you generally from a time to value standpoint, when you're you're going, you're going through your, your classic analytical use case you want to make sure that a you have the right data asset, and be doesn't have any sensitive communication in it. So that governance process tends to increase your, your time to value right you know Joe you mentioned three four months that I've heard of use cases where that's, you know, eight months nine months sometimes the horror stories where it's 18 months, and that the story becomes even worse when after 18 months you find out that that the project is not viable because the data assets don't really make sense. How, how can we go from a place where these manual processes exist today to a place where the controls are actually baked into the data. And where, where in our enterprise customers are end users of the data if you may can very quickly go from I have an idea to discovering the data that they want to to test the hypothesis with and doing some really analytics, whatever that whether that's BI reporting or whether that's machine learning that getting to that place where it just the data just flows right it's it's kind of it's that's for me that's the mission. So just to think of just bringing it back to your point to the point earlier just data like water. I can't explain to you the complexity that exists between the water that flows and the streams, right, and how it gets into the the public plumbing system and then the plumbing system in my house. I just go to my think and I turn the faucet and water flows and I have a cup of water. That's the kind of simplicity that enterprises from a consumer standpoint that the customer needs to get to and want data, I get data, not I want data, let me sit around for four or five months and maybe I'll get the data that I think I'm getting. I love it. Steve, your thoughts on this. Yeah, obviously the big question for everybody every client's working on modernization projects. For me those modernization projects really need that collaboration. And it's critical, but it's really difficult. Really you've got you know you've got that data team that Joe talked about the privacy security and governance teams. There's really four different conversations happening there. Ultimately it takes too much time. So you're talking about controls, you know for me a platform approach to controls gives you the focus gives you the guidelines gives you the rails, you know that they gives you the proven methodology and the approach to build collaboration, which also flows into standards that I think Joe mentioned, right, which means that when you know you have standards, you can think about automation, and ultimately get data into more of a utility, which is what I was talking about so I think this this is one probably the critical conversation. Yeah, and the idea of controls that flow with the data is just really consistent with the concept of data as the new water. Right. And the reality is it does help you to collaborate because the people who receive the data that has the controls embedded in it can only make the intended and authorized use and therefore you could create different versions that data for different use cases and customizing them so that so that's great. So I will have you start off with the next question. What do you see is the impediments to enterprise the shifting from more of a data loss prevention, right to a data maximization resilience and sustainability. Right, so what do you think the biggest challenges and, and, you know, boogeymen are that would otherwise make that impossible. I think, you know, I'll just boil it down to like, you know, the four main areas of data management and data governance that exists at various varying degrees of maturity throughout enterprises right. For one, cataloging. I need to know where all my data assets are, so that I can discover them. I, you know, I need to know what I what I have. Assessing the quality of my data in a very timely fashion is also going to be important to me like that for quality data for one user might be incredibly rich quality data for another user but not knowing the quality of the data is just useless for every user. Access control management, knowing who has access to the data for what use case for when do they need access to the data and for how long right to like time time limit. Data lineage understanding where the data came from, where the data is right now and where the data is going and time all that in together in the nice little bowl where you, you as an enterprise are trying to drive responsible use of the of the data for your for your consumers. I think that, you know, that on paper is easier said than done, and various enterprises are at varying rates of maturity across those domains and I think once you, you get to a place where all those those data management and data governance domains are just really humming and are talking well with each other. You have real good clarity on the sensitivity of the data and therefore understand which use cases it cannot cannot be used with. Only then do you achieve like really high velocity of the utility of your data. Well said, Joe, your thoughts. There are a lot of impediments that I see and part of what I do for a living is to try and remove them and come up ways that fit for certain companies to solve those impediments. The biggest one we hear the most about is privacy concerns and, you know, desire to make sure that you're not violating any laws related to privacy. We also hear, and this has been for some time, you know, if information security is probably the most mature in terms of, you know, security breaches the penalties associated with that the risk are now embedded into contracts like every contract you sign with the vendor now will have a whole data section on liability and limits and that sort of thing so concerns about what if something happens to our data. And what if our privacy laws are violated, you know, alleviating that risk is a top concern. Another big impediment is the fact that many organizations have federated data environments, and they don't have a way to pull their data together, and they don't have a catalog. So if you ran a business and you say oh I have a warehouse, I don't know what's in it, or I've got dozens of warehouse all over the world I don't know what's in each of them. But the cost is so everybody wishes there was a bot or something and you know chat chat GBT could read all your data and figure out what the data means and put it into a catalog like a library, you know, or Amazon bookfinder type of thing where you can find exactly the data you need to get all this great metadata about it. You know, I think, you know, the, you know, if you go to buy a product on online it's going to tell you, you know, where, where it came from how much it costs, what are some quality review ratings what it does size distribution, yet data you it's often contained in tribal knowledge inside of people's heads so not knowing what data you have, and you know where to go get it is another big impediment. And that and that takes effort. And I think it takes an investment to go clean up those warehouses organize them tag everything and store a computer system that says, we're going to keep track of our data and where it moves to. And then I think the final thing is business engagement and demonstrating business value, like logically you could explain the benefits of protecting the data, enabling it for analytics, cataloging it, measuring data quality, all these sorts of foundational good practices, but to really get the business to engage and gain benefits from it they need to see that they need to see the value they want to see an ROI. And so hard charging business executives are going to say well before I get behind this, you know, expensive enterprise data project that I'm kind of skeptical about I want to know the ROI I want to know what it will do for us. One of the great news is there's so many examples now of firms that have successfully leveraged data for economic value, generating insights, creating new products, etc. But it's a much easier case than it used to be so. Now those are the big impediments I want to highlight. Joe, if I can just add a point there Gary. I think, I think you just drove a point that I really like what you did there you said like imagine you had the business where you had widgets that you sold and you have warehouses of it, and you didn't know what was in the warehouses. You just imagine you're a business owner, and you didn't know who went in and out of those warehouses, and what they're doing with the whatever was stored in there, I think it just drove a shiver down my spine. I'm a data professional and I know this stuff but just imagine just thinking about that in in in stark terms just made drives the point quite home. Right, I mean, you're really looking to embed the trust in the data. And you know what's happening so Steve, any thoughts on this particular question. I'm going to take two seconds. I know our and I and I think Joe and I have talked about this over the times. Everything I just heard from both our and Joe is all about, you know, governing all of the data. It's highly complex highly time consuming very costly. And because we're trying to govern and control everything. It becomes high risk because you're doing so much with it. I do like the concept of how do you now govern just the sensitive data rather than 100%. If you feel that the sense of data is five to 10% of the overall data stack. If you control just the five to 10% rather than trying to do the whole 100% you start to see some significant advantages makes a ton of Steve Steve I'd like to push back on that for just a second. I'd go for it. And here's why John, because I have seen a lot of clients. Let's say oh here's my data set it's got, you know, 800 data, you know, data elements in this data asset. And then I'm going to look at the, the, the 80 that are, you know, sensitive or possibly sensitive. Okay. So first I need to identify those 80. Then I need to protect them I need to figure out how I'm going to protect them. Then I need to maintain them and see where they go. What if I could take that whole data set and make it in a way so that it was usable. I don't have to filter out the sensitive from the non sensitive because I protected the whole thing I locked down the whole warehouse, but you could still go in and out we know who went in and out. And you could you know create good products that you sell based upon what's in that warehouse. And I think that more holistic approach to data. You could be more efficient, at least until the tools get good enough to say, this date is a birthday, not a date the contract was signed or whatever. Right. And Joe, maybe I was joining the, I think we agree. I think we're great. We're absolutely agree. And I think the points where I'll just double click on is, if you were to add the data, let's call it the data production data creation side of things, understand that a little bit better the characteristics about the data, like, you know, what what the metadata if you may, right. And also, in addition to that, you can actually start scanning that metadata, the data that's flowing in on with an understanding of the metadata itself, you can start really like getting really good about not letting sensitive information get stored in in your ecosystem where it's not supposed to go. It's like you know your your logistics system where I'm going to send my diamonds into the vault. And I can send, you know, the 800 ton logs of wood to to the to the lumber yard in the back right it's still valuable, but you know I can store that outside whereas you know the diamonds are probably need to be stored in a stronger vault. Well said, you guys are better when you're spontaneous so keep it up. All right, so so this one, not that you're not good otherwise. So this one is for you Joe to start with right, you know, based on the different client engagements and work that you've done personally, and or you're familiar with that EY has done. What do you see as the benefits from trying to converge these different perspectives, right and and what do you think enterprises can realize, because look it's not what's done today so why do something different. The number one benefit really is about efficiency and effectiveness really one and two right. It's efficient. If you think about and I've worked with teams where we've brought together the privacy, info security and and office of the CDO together to come up with a unified engagement model for the business. And we also did unified reporting up to the leadership for the data program. This saved everybody time. It reduced the number of interactions it reduced the number of applications it made the data related work that was being asked or required or mandated of the business, a more manageable, it made it easier to support them. And so by converging, you know these three together. There is a lot of efficiency to be gained. The second piece is effectiveness as well. When they're coordinated when there's coordination, you can really measure the results and and do that in a unified way. I mean I'll just be honest about it and I think we all know this sometimes politics are involved. Sometimes it's easier for you know some of these groups privacy or isolate you know security to isolate and say I just said no, we're not doing it proved me wrong make me do it. I mean I've seen that type of posture, because it's risk, and they're managing a functional area and they're like I don't need to take on the risk. This is where the senior leadership needs to come in. So if we look as part of our business strategy we need to enable data usage. We can't leave it leave our good just locked up in the in the warehouse to rot like you think of like some of the farm programs where they're just let in you know corn spoil, and you know silos to keep the price you know take somebody to be the grown up in the room and to say, we do need to enable this and work together so when that happens, you definitely gain efficiency, you see more effective, you see more effectiveness, and I think it also starts to speak of being a data culture you know data driven firm a firm that makes the decisions based upon data. How can I be a data driven firm and make rational informed decisions based upon data. If I can't get access to any of the data that our business runs on. Well said, Steve. Yo, wow. So, yeah. Benefits really of having. I'm going to call it a platform approach to those controls is doing all the things that Joe mentioned right it's it's speeding the processor. It's enabling you to deliver rules and controls into the data that flow with the data, which ultimately means that our privacy teams and security teams can say yes to more projects. Data teams can get access to that approved dates and much much quicker. You know speeding up all of the processes and obviously reducing the risk. I just thought I'd throw a little curveball in there and go to you as opposed to I was so now you get to clean up on this. I think you've done an excellent job of keeping all of us. Listen, I personally think that private security privates and privacy are two sides of the same coin. We are both concerned with the protection of data. I think where privacy differs a little bit from cyber security is that we have a extra specialization in, you know, sensitive information, human data, PII, etc, etc. Right, so, you know, a good way to a good way to think about this like this, let's just say you had a business that created tractors. And those tractors are, you know, we're out on the farm and they're collecting corn and they're sending GPS data back to a satellite. Well, that doesn't have my social security number. It doesn't have my address that really it's just movements of that tractor. That information still needs to be protected and there's there's there's a cyber security angle to that. Now, the minute you start bringing in information about me as an individual buying from that farm, well, all of a sudden there is there's sensitive information in play. And now the slightly different treatment of the data comes into play so cyber security and privacy are very similar. In that sense, one goes horizontal the other goes vertical. Where I think there's an incredible value of these groups coming together in addition to the time, the time to value elements that Steven and Joe spoke to earlier is that that there's there's a sharing of tools and capabilities and sharing of knowledge, when those functions are more or less like one, right. And in some cases, you know, some of the advanced tools that we leverage and some of the machine learning models that we leverage to privacy are actually very similar to the ones that cyber security looks like looks that I'll give you I'll just give you a very simple example. Data quality, which is, it's more this now closer to the data governance side of defense I just wanted to bring them into the conversation so they don't feel left out. Data quality and anomaly detection with machine learning models right where it over time the the model will will detect anomalies in the data. If it's a technique that's leveraged by cyber security looking at anomalies in in IP traffic. The more and more that these stakeholders can be having conversations sharing capability sharing sharing tool sets, the more and more they can create standards together. And, ultimately, yes, at the end, achieve a reduction of the amount of time it takes to get a project from I have an idea to a new data product. So that the timeliness and relevancy of the end result is as important right as the as the privacy as well so you have to hit all of those. Correct. Makes a ton of sense. All right, well you did such a great job on that one hour you can lead off batter on this one right with regulatory legal frameworks constantly changing. Both privacy and security right the SEC is now saying that the boards can have to identify within you know 10 case and annual and quarterly reports, who on the board is responsible for cyber security privacy you have more and more US states and ultimately I do believe there'll be a federal privacy law and then clearly internationally with the GDP are another know what can enterprises do to stay ahead. Oh, that's a that's a wonderful question that Gary. Look, I think that. And this is this is not unique to privacy regulation, though certainly you can see this and in in privacy regulation more than other types of regulations. Enterprises generally have a reactive relationship with regulation. It goes to a responsive relationship with regulation and I explained the new ones difference between the two. In fact, let me let me try to do that with an analogy. You know if I were to build a for those engineers in the audience they'll probably get this part of build a responsive website. It's going to work equally as well on my desktop computer as it would on my tablet as it would on my mobile computer and I don't have to build three versions of that right. However, I took a strategy of you know, building a desktop site and building a very separate tablet site and a very separate mobile site. Some new device comes into play like a different size mobile phone or maybe a television screen with a browser in it. I might have to build a fourth and fifth and and so on and so forth. Building responsive data ecosystems that are able to react to changes in regulation is in my mind is the Nirvana that we all need to get to. I think a lot of organizations rightfully so, once they get a sense of where regulation is going tend to hurry and react to that regulation this is, this is probably most enterprises most industries you look at it the same everywhere. But what if you were to get to a place where your data ecosystems are built in a way that with minor configuration of changes, you can actually be compliant to the next subset of regulations. And by and large if you were to look at most of the privacy jurisdictions. They are shallow copies of GDPR. I mean they all have to reach no nuances but at the end of the day, if you look at the intent behind some of these privacy regulations that they tend to be focused around protecting the consumer. With some meaningful level of prediction, you can kind of get a sense where most new regulations are going to land. And in other cases you can start building your ecosystems to automatically react and, you know, say state zip code is is allowable by in one in one state and in another state it's not right so if you can build your pipelines to be able to keep the raw data in a protected state and that is not accessible, but the data that you leverage free analytical use cases can be transformed to meet the needs of the privacy regulations you can actually do that on the on the state by state basis. And now long term is that practical for most enterprises if you know we had 51 different states outside 51 different privacy laws to deal with in the US probably not. But the reality of it is that we do have the technology to to get there and to just double click on what Joe Joe said earlier. It's really that investment that enterprises have to get behind to really achieve that long term vision. That's your Joe so in your practice, what do you see as ways enterprises can get ahead of this situation. I think you, the, you know, you have to the firms need to get to the perspective of embracing principle strategic principles, as opposed to adhering to tactical regulations. So what I mean by that is we know the basic principles behind privacy like I was said are protecting the consumer, making sure that there's consistency between how you said you would use the data in your disclosures and your legal agreements is actually how you're using them. I know, I know one large bank that, you know, a while ago got in trouble for, because, you know, the, the description of how one of their specific products worked from a trading product perspective wasn't accurate. And it's the same with, you know, data disclosures if I say, I'm not going to, you know, share your data with a marketing firm and I do, you know, well then obviously I'm violating the disclosure so I think that the way to stay ahead is to have those principles in mind that we're going to, you know, protect the data, we're going to maintain confidentiality, we're going to adhere to our disclosures when we create data products we're not we're going to do so in a way that protects anonymity, you know, particularly for sensitive data. And if you have those principles in place, you know where your data is being used, you know where your client's data is, you can, you can remove it if they request it. If you're able to do these kind of five or six fundamental things, then I think any regulatory framework that comes through which is going to be a couple of tweaks in order to adhere to the specific tactical requirements of those rules. I'll add one thing. There's a firm that I'm just about to start working with that has fantastic policies and guidelines about, you know, what is allowed for the analytics model. There's a firm as they have, you know, hundreds of end users who are trying to create new reports and predictive analytics for their clients, challenging those frameworks, and the overload of, you know, data usage demand and clarification versus the two or three people who wrote the policies and and are responsible for educating them. And it's a burden. And so, you know, one of the things that firms can also do is really try to embed these foundational privacy principles into how they work. And so that it should have become a question whether I can and can't do this, you're going to violate a disclosure clearly you can't do it. Yeah, I want to interject here and just let you know that yeah, we're just less than seven minutes left. Thank you. Steve, any, any perspectives on this particular matter with seven I'll keep it brief. I feel that clients historically have sort of looked to get outside of the regulation as a way of managing but that's become a very high risk strategy. They've also looked at point solutions. So I think that the real learning is, you know, grab yourself an owner that can look at this from end from an end to end level. Move away from point solutions pro actually review the new technology at that Joe just mentioned he's working with somebody that's got these great things. There's new technology is really creating a solution that not only solves the regulatory law for problem, but it's also looking to be future proof, in line with what I think Joe said, a little tweak here and tweak that so I think, really it's about making sure there's an there's another for the for the overall end to end problem, drive clarity and understanding and and and test the things in the marketplace makes a ton of sense. So Joe, I'm going to let you lead off and your answer to number six but I also want to answer a question from the audience, because I think it may tie in may or may not to each of your different responses to this one. At one point in the presentation we talked about embedding subject matter expertise into the data. We also also talked about controls that flow with the data. When we're talking here and I want each of you to take a shot at this and we'll take other questions as well but now what are the pointers and immediate actions and lessons learned. Well I'll start out and first of all thank you for having me on this panel is enjoyable I really appreciate the conversation you always get me thinking in the preparation and the actual event. And I hope that this was a constructive conversation and well worth people's time. In terms of immediate actions and next steps organizations really need to figure out where you want to spectrum. If zero is it's data is locked down and nobody can get it, and 10 is it's the Wild Wild West. Then you'll have some indication of what you can do to move to that six or seven range where data secure protected but we're also able to enable enable enable usage. And the most important thing is that companies see data as an asset, protect it as an asset, understand catalog it and protect it. And then those you do those and measure quality, you do those those things, then you're going to be well along the curve towards data maturity, and enabling, you know, real analytics use cases that deliver our why everybody's so excited about chat. And the reason it was so effective was because it had a tremendous amount of data with which to work, basically the internet. If we're going to build business specific AI, it's going to need data with business specific, you know data information iot and the like. And so companies really need to get good at making their data available in order to you know future proof. Got it Steve your thoughts. Yeah, I think from your question you mentioned about this concept of leveraging subject matter expertise and embedding controls I think that's where it comes from, you know, whether a client is thinking about operationalizing their AI and machine learning, building a monetization strategy or literally just on a journey of modernizing their data flows. I think if you've got the capability of embedding subject matter expertise into the data. So you have those controls. It really drives two things. It enables you can say yes to many many many more projects. And it ultimately speeds up the approval of those projects. So whether it's four times more and four times quicker, you're really driving that 16 times productivity by by literally using that subject matter expertise and embedding the controls into the data. Fantastic and now we want to turn it back to Shannon with a minute left so you have two minutes to hit this home. Okay, no problem I'll be really quick about it. Listen, I think response with data usage is really the future here. We're just double clicking a little bit on the topic we just had about the regulations is their their framework, their the rules that we have to follow. But I think, you know, there's there's a space ahead of that that as enterprises we could sit there comfortably and and do what's right by our customers and I think you opened up this conversation. That, you know, there is a fallacy in place of preventing analytics by injecting more and more controls and trust. I happen to agree with that I think you can actually still achieve high velocity, high fidelity data analytics, and also do it in a matter that's responsible on that, you know, builds trust with your customer that you're you're doing the right thing by them. Absolutely. And that's a great way to wrap it up and I want to thank the three of you, our Joe and Steve will turn it back over to Shannon. Mary, thank you so much for this great discussion. It's been very insightful, lots of comments gone on there that I can see. I just want to let everybody know we will send a follow up email by end of day. Thursday for this webinar with links to the slides and links to the recording, along with anything else requested. Thank you so much everybody and thanks to anonymous for sponsoring today's webinar making this happen. Thank you for the opportunity and let's go with the new water. We love it. That's privacy respectful and maximum value. I absolutely love it. Thanks y'all. Have a great day. Thank you. Thank you.