In the digital economy, data is like oxygen — giving life to innovation. And just as important, data security establishes the trust needed for that data to deliver value.

In fact, organizations with the most advanced security capabilities delivered 43% higher revenue growth than peers over a five-year period, according to research from the IBM Institute for Business Value (IBM IBV).

Yet, when corrupted or exposed through cyberattacks, data can fuel disruption. The cost of a data breach averaged almost $10 million in 2022 for U.S. organizations. When trust in data is broken, it impedes business growth and drives up spending.

The most successful Chief Data Officers (CDOs) navigate this challenge by establishing trust based on a strong foundation of secure data and then using that trusted data to accelerate opportunities. That is the clear takeaway from two recent studies of more than 3,300 CDOs, conducted independently by the IBM IBV and by Amazon Web Services (AWS).

CDOs in the IBM IBV study cited data security as their most critical responsibility. Similarly, respondents in the AWS CDO Agenda noted data governance — an essential element of data security — as their top priority.

The highest-performing CDOs take these priorities a step further. The IBM IBV study identified an elite group of CDOs who outperform peers by 40% in innovation and 10% in revenue growth. A critical differentiating trait: the way they align data security strategy with operations and technology strategies. They place a stronger emphasis than peers on cybersecurity and data privacy, on transparency in data architecture, and on trust in data effectiveness.

Explore the Report

Supercharging Data Innovation

Like brakes on a race car, strong data security helps organizations move confidently and realize value from data more efficiently. Businesses can dare to go faster and take risks knowing they have effective controls in place.

The data security agenda is moving to the fore as organizations prepare for new capabilities like generative AI and quantum-safe cryptographic standards.  For large organizations, the challenges are considerable. Organizations operating across multiple clouds and multiple jurisdictions need to manage data security policies and controls that are location, environment, or workload specific.

If not well-integrated into architecture and operations, data compliance can become unduly complicated — in ways that demand additional resources or impact the organization’s agility.  Customers migrating data and workloads to AWS or between public and private clouds need to understand the nuances between security responsibilities for on-premises versus in-cloud environments. As part of this new landscape, organizations face a variety of security challenges: protecting and ensuring visibility across data silos, accommodating the surge in remote work, and enforcing a variety of different data compliance standards throughout the greater enterprise. The ability to serve data that is secure and trusted, at any point across the operations lifecycle, is key to success.

Leading CDOs from the IBM IBV study illustrate the point. Their organizations use modern security controls and security practices to help protect data from unauthorized access, to help ensure data privacy, and to manage regulatory compliance and governance as competitive differentiators. They establish a security foundation that positions them to more quickly achieve operational goals — from increasing revenue and profits, to improving customer relationships and marketing, to enabling new products and services, processes, business models, and strategies.

By aligning their data, operations, technology, and security strategies to the organization’s primary business objective, or “North Star,” data leaders help strengthen their data security and establish the trust required to fuel better decisions and better performance (see figure below). They cultivate a culture where collaboration is the norm and data security permeates the organization.

The practices that drive results at these leading organizations can be emulated by any organization. As these leaders demonstrate, if applied in a systematic and rigorous way, basic security measures lead to greater data agility and, ultimately, better business outcomes.

Download the report — co-authored with AWS — to explore the data security practices and principles behind the success of leading CDOs. An action guide offers short- and longer-term suggestions for how you can use data security to accelerate your path to value. And to learn more about IBM’s data security offerings on AWS, download this white paper.

More from Data Protection

How Application Allowlisting Combats Ransomware Attacks

5 min read - Ransomware attacks are on the rise in both volume and sophistication. Triple extortion (a ransomware attack on one business leading to extortion threats on its business partners) is raising the cost of attacks. Ransomware-as-a-Service puts the means to attack in the hands of smaller criminal entities, making the tactic a commodity and not just the tool of masterminds. It’s no surprise that ransomware attacks are now substantially more expensive to recover from than other types of data breaches. Keeping attackers…

5 min read

As Data Gravity Goes Up, are Clouds Becoming Black Holes?

4 min read - The more data in one place, the more data it attracts. This “data gravity” is a familiar function for enterprises, even if the term isn’t. As the number of applications hosted on local servers increases, so too does the amount of data necessary for them to operate. Add more data and more applications are required to manage this data. Over time, the cycle repeats again and again as data gravity builds. Now, this gravity is shifting to the cloud. With…

4 min read

How Do Some Companies Get Compromised Again and Again?

3 min read - Hack me once, shame on thee. Hack me twice, shame on me. The popular email marketing company, MailChimp, suffered a data breach last year after cyberattackers exploited an internal company tool to gain access to customer accounts. The criminals were able to look at around 300 accounts and exfiltrate data on 102 customers. They also accessed some customers’ AIP keys, which would have enabled them to send email campaigns posing as those customers. This data breach attack wasn’t especially noteworthy…

3 min read

Beyond Requirements: Tapping the Business Potential of Data Governance and Security

3 min read - Doom and gloom. Fear, uncertainty and doubt. The "stick" versus the "carrot". What do these concepts have in common? They have often provided the primary motivation for organizations’ data governance and security strategies. For the enterprise, this mindset has perpetuated the idea that data governance, data security and data privacy are reactive cost centers existing due to externally imposed requirements or mandates. Yet, what if data governance and security practices could upend the prevailing paradigm and demonstrate direct business value?…

3 min read