 Live from Cambridge, Massachusetts, extracting the signal from the noise, it's theCUBE, covering the MIT Chief Data Officer and Information Quality Symposium. Now your hosts, Dave Vellante and Paul Gillett. Hi everybody, welcome to day two of MIT IQ. We're here at MIT's Tang Center. This is the MIT Chief Data Officer Conference. It's the ninth year of this event and theCUBE is in its third year of coverage here. And this event has really evolved from one of a focus on information quality, which is kind of a very boring but important topic, but with the big data theme exploding, it's really evolved into a Chief Data Officer and more of a big data and even evolving into an analytics event. I'm here with Paul Gillett and Paul, I want to talk a little bit about the sort of evolution of not only this event, but the role of the Chief Data Officer. As I said, it's sort of the boring but important category and it's still got at least one foot stuck in that camp and there's seems to be a bubbling up of desire by the community to really focus on innovation. And so we heard yesterday, for example, that maybe the title should be analytics and data or data and analytics and many people are proposing putting analytics first. Analytics being the engine of innovation for a lot of companies, but still there's a lot of discussion here around governance, certainly security, where does that fit into the organization? You're in the keynotes this morning, what's your take on what you heard and what I just said? Well, I think the analytics angle is important, Dave, that's a great point. The problem with that being that the title then becomes, the acronym becomes CAD, C-A-D, so we're going to have to figure that problem out. But you and I have been covering this event for three years now and it's been very interesting to see how it's evolved. Two years ago when we were first here, the Chief Data Officer concept was really new and people were sort of talking about, well, what is it and how is it going to evolve and do we need it? And then last year there was a lot of excitement because we had people with CDO titles who were here and we had, and of course in the last year we've had the White House establishing a Chief Data Officer and just a lot of bubbling enthusiasm over the growth of this concept and how this was going to take over the world. This year, you're familiar of course with the Gartner hype cycle. I think we're a little bit in a trough of disillusionment right now. I'm hearing CDOs and these panels talk a lot about data quality problems, about data structure, about the need to get a handle on the data they have. It seems like a lot of the work that they're still doing is basic bricks and mortar, finding out where the data is, getting it in a form that's useful, figuring out what the governance principles were. Very interesting discussion this morning came up over what is the role of the Chief Data Officer? Is it to permit or to enable access data or to restrict access to data? And one of the panelists was Nick Marco who we had on theCUBE yesterday and works in the healthcare industry and he was saying, we've got HIPAA, we've got this 20 year old rule that basically said you can't do anything with data. And yet we have, and this new concept of big data comes on and suddenly we want to do things with data and you know what? Our patients want us to do things with data as well because it's going to improve the experience for them. But we've got government rules that say, no, thou shalt not touch. And so the CDO in healthcare is in sort of a sentry, a guardian role, which is really the antithesis of what we want to do with big data. So I think there's a bit of a crisis going on right now of trying to figure out how this role goes from being a caretaker and an architect to being a business enabler and an innovator. So I think there are a lot of similarities with what we were talking about yesterday with one of our guests about the whole notion of governance and compliance. And it really started in 2006 when the federal rules of civil procedure came out and essentially made electronic documents admissible. And what happened then is every company scrambled and there were a number of high profile cases like Morgan Stanley was one and there was hundreds of millions of dollars in lawsuits and were judges who just didn't understand well, why can't you produce an email? What do you mean you deleted it? So everybody scrambled to try to plug that hole and they were focusing on little pieces of that. And then what happened is it became very much a procedural thing because plaintiff's attorneys would attack the process. So if you could show that you had a process, then you could say, well, and it's technology and it's really complicated, but we have a process and here's our process. We delete everything after n number of days or we retain everything for this period of time and then we defensively delete it. I think as the industry has become more sophisticated and technology has become more sophisticated and the legal systems have adapted more, the processes and infrastructure and software has to evolve as well and it is. The problem is there's now so much more data. Now the other piece is that you've got this idea of information as a liability. This is why you need a guardian. And you've got information as an asset and with the big data meme hitting, information became more of perceived as value as opposed to this thing that we have to manage through a life cycle. You still have to manage it through a life cycle, but that was the sort of tail wagging the dog where the general counsel was sort of in charge and now the lines of business saying, screw that. We have an opportunity, I'm going to run with it and I'm going to initiate a project and Hadoop or whatever, analytics project, the CMO versus the CIO spend, i.e. the CMO spending more than the CIO and they don't care certainly as much, if at all, about governance compliance and maybe to a lesser extent security but they may not be in a position to affect security the way they should. As a result, those pieces, those corporate edicts get bolted on which we know is a recipe for disaster. So that's the interesting tension here is asset versus liability and I think that's a balance that the CDO is going to have to manage. At one point, we felt like it was the CIO's job to do that. It never became the CIO's job. So is it the CDO's job? Well, I think it's, your point is great. It's the, this is exactly the kind of issues that CDO's are dealing with and there is precedent in what CIO's went through for many, many years. The CIO's went through exactly this same problem. Your role on the one hand is to protect and secure. That's your primary role and your secondary role is to enable and to innovate. And what happened is I think CIO's got so focused on the protect and secure that they became the guys who said no. And that was negative for the CIO, the perception of the CIO role. I don't think CIO's have ever really recovered from the perception that they are the naysayers, the people who frustrate innovation. And I think you're right. CDO's are entering exactly this same kind of problem where they've been given responsibility for this hugely important asset. And on the one hand they have to protect it and certainly in regulated industries that's job one. But on the other hand, you've got to do something useful with it and the business people are pounding on the door saying we need access to that data and here's the CDO being the guy who says no. And we heard from Sandy Pentland yesterday about Enigma, basically inspired by the Bitcoin blockchain, potentially a new architecture for internet security, but also privacy and the notion being okay, encrypt everything, distribute it into a black box, never share the raw data, never expose the raw data to anybody and eliminate the need for a trusted third party, which increases your threat matrix. A whole new concept. The problem, of course, is how do we apply that to all the applications and data that we've created? It's getting people to use it. Right, I mean the government just suffered a theft of 21 and a half million records of federal employees. And it turns out that these records were stored in plain text. They weren't encrypted. This is the federal government. If the federal government can't set an example for industry, what's industry to follow? So this is basic blocking in tact. I think what Sandy was talking about, this idea of a trustless encryption scheme, is a fabulous concept, but getting people to use it. We can't even get them to patch SSL, right? Right, right, right. Huge expense in order to do that. So maybe this says the security business is going to be a good growth business for a lot of the companies that we follow in this space. But nonetheless, I think that it underscores that example you just gave and many, many others underscore the security with this cloud, mobile, big data, social world. It's kind of a do-over. You hear Intel talking about putting security at the chip level. We hear folks like MIT and others, IBM's been working on this and Samsung's been working on a similar type of distributed scheme. Again, inspired by the Bitcoin blockchain as a new sort of paradigm for security, but the implementation of that is going to take decades. Well, the encouraging thing about what Sandy said yesterday I thought was, we can solve the security problem. You know, there is no reason why we ever have to unencrypt data. And once data is permanently encrypted, then you don't have a security problem anymore. The problem, again, is the devil is in the details. And getting the blocking and tackling of these kinds of technologies to be broadly adopted, it just doesn't happen. So I think that one of the things that comes into focus at events like this is the organizational issues. You know, we heard, well, first of all, who has a CDO? Most companies still don't have a chief data officer. I think it's very clear that in finance, healthcare, government, it's happening and will continue to happen in this momentum there and it's seeping into mainstream. But mainstream has not adopted this approach nearly as much as those three industries. In fact, if you go to a lot of the conferences that we're at and you ask people who thinks there should be a CDO that's separate from the CIO and shouldn't report to the CIO, many in our industry feel as though that it's not necessary, that it's the CIO's job, which I think we agree it's not. But there's a chief security officer in most companies, most global 2000. Where does he or she report? Does that report now into the CDO? So there are organizational issues. Where does the CDO report? Well, do I have a CDO? Where does that CDO report? Where does the CIO report? We flipped a lot from COO to CFO, sometimes even in the Y2K days it was the CEO. So that's been sort of a musical chair. So there are significant organizational issues that have to be resolved. Have you heard much here about those? I think with the sub theme of almost everything, everybody's talking about is organizational because they're talking about, we're still talking about what is the CDO responsible for? And so that fundamentally comes down to whom does he or she report to and what are the metrics for success? So I absolutely. Yeah, so it's interesting. So we're going to be talking about this and other topics today. We've got a lot of practitioners on folks from MIT. We've got a lot of guys coming from the government. Government, yeah, our first guest from the Office of the Undersecretary of Defense. Right, so a lot of good thinking is going on within government organizations, building frameworks and processes and beginning to implement them. So we're going to unpack these issues today. This is day two, MIT IQ. We've got a crowd chat going at crowdchat.net slash MIT IQ. So weigh in there, ask us questions there. This is theCUBE. theCUBE is SiliconANGLE Wikibon's live production. We go out to the events. We extract the signal from the noise. Myself, Paul Gill and Sam Cahane will also be sitting in today. So keep it right there, everybody. We've got a day long at MIT and Cambridge Mass. We'll be right back.