Luis BrancoCEO| Business Insight, Consultores de Gestão, LdªCarcavelos, Lisboa, Portugal
A useful starting point is to ask what level of security the data actually requires, rather than assuming all data carries the same risk.
I would look at data sensitivity, purpose of processing, access rights, where the data is stored and processed, retention, third-party exposure, and what happens if confidentiality, integrity or availability is compromised.
For me, being “secure” is not a binary state. The real question is whether the controls, evidence and accountability are proportionate to the data and the consequences of failure. Saving Changes...
Sergio Luis ConteHelping to create solutions for everyone| Worldwide based OrganizationsBuenos Aires, Argentina
Perhaps I did not understand well your point but if you are talking about this activity at organizational level then my personal experience is we created a functional division for all related to data management. The reason was organizations moved to data centric organizations mainly when the new model of generative AI was published in 2017, Saving Changes...
"Not all chemicals are bad. Without chemicals such as hydrogen and oxygen, for example, there would be no way to make water, a vital ingredient in beer."