Latest news with #datagovernance
Forbes
02-07-2025
- Business
- Forbes
Leadership In The Age Of AI: Preparing For The Next Wave
By Craig Davies, Chief Information Security Officer, Gathid. Artificial intelligence (AI) is no longer a distant prospect. It is reshaping industries, automating workflows and redefining the way organizations manage data and security. However, as AI's influence expands, leaders face a crucial challenge: how to embrace AI-driven digital transformation while maintaining a strong identity and access governance. Without proper controls, AI's ability to surface insights could lead to unintended data exposure, regulatory violations and operational disruptions. To successfully prepare for the next wave of AI-powered transformation, business and technology leaders must take a proactive approach. This means addressing identity and access governance at the core of their AI strategy, ensuring that AI has access to the right data without inadvertently exposing sensitive information. The AI Paradox: Unfettered Access Vs. Stringent Controls AI's potential lies in its ability to analyze vast amounts of data, drawing insights and making connections that might otherwise go unnoticed. However, organizations often struggle to reconcile two opposing goals: 1. Empowering AI With Access To Comprehensive Datasets: The more data AI has, the more powerful its insights become. 2. Restricting Unauthorized Access: Ensuring that AI does not surface sensitive information to users who should not have access. The dilemma is clear: AI works best with unrestricted access, yet businesses must enforce strict controls to protect privacy, security and compliance. If these governance measures are not in place before AI systems are deployed, organizations risk losing control of their data. AI Governance Starts With Identity And Access Management For AI to operate effectively and securely, leaders must have a strong handle on identity governance. This includes knowing who has access to what, why they have it and whether that access should change over time. This is particularly critical as AI interacts with cross-functional datasets and automates decision-making processes. Key strategies to consider include: Knowledge Graphs For Access Visibility: AI needs structured data to function optimally. Knowledge graphs provide a unified, contextualized view of identities, permissions and relationships across systems. This ensures that AI models can retrieve the right information without overstepping access boundaries. Digital Twins For Identity Governance: Digital twins can simulate and monitor access policies, allowing organizations to test AI-driven workflows in a controlled environment before deploying them in production. This helps identify and mitigate potential data exposure risks before they become real threats. Dynamic Access Controls: Static, role-based access models are no longer sufficient. AI-driven environments require adaptive access governance, where permissions adjust dynamically based on user behavior, job role changes and contextual factors such as device trust, location and session anomalies. The Hidden Risks Of AI Data Access One of the greatest risks associated with AI deployment is its ability to uncover and use sensitive data that was previously overlooked. For example, imagine a scenario where an AI model is given broad access to an organization's file system. It might surface insights from an old payroll spreadsheet stored on a former employee's drive—data that should have been removed but remained accessible. Now, picture an employee innocently asking the AI model to generate a financial report. The AI, designed to optimize information retrieval, pulls in data from every available source, including that forgotten payroll file. Suddenly, salary details, tax information and personally identifiable data are surfaced in a summary—completely unintended, yet now exposed. The employee wasn't searching for payroll data, but because AI has no inherent judgment on data sensitivity unless explicitly trained, it provided results based on the broad dataset it was permitted to access. This type of accidental data exposure is precisely why robust identity and access governance is critical before AI adoption. If organizations do not have stringent identity governance controls in place, AI could unintentionally expose confidential information. This underscores the importance of continuous access monitoring, automated policy enforcement and periodic access reviews to prevent such incidents. Organizations must ensure that: • AI models respect access controls and do not process data beyond a user's authorization level. • Sensitive data is regularly reviewed and purged to prevent outdated files from being accessed. • AI-driven queries are monitored to detect unexpected data retrieval patterns before they result in a breach. AI And Cultural Transformation: Redefining Data Governance AI's adoption is not just a technical shift. It requires a cultural transformation in how organizations approach data governance. Employees are already using AI tools, often without formal oversight. Leadership must provide clear guardrails on acceptable AI use, ensuring alignment with regulatory requirements and internal security policies. Steps to build a strong AI governance culture include: • Defining AI Acceptable Use Policies: Establishing guidelines on what data AI can process, who can use AI-driven tools and how AI-generated insights should be handled. • Educating Teams On AI Risks And Compliance: Providing training to employees on responsible AI use and the implications of improper data access. • Embedding AI Governance In Business Processes: Ensuring that AI adoption is tied to compliance frameworks and risk management strategies, rather than occurring in silos. AI Is Inevitable, And So Is Identity Governance The adoption of AI is accelerating, much like the shift to cloud computing years ago. Organizations that ignore AI governance today will face significant security, compliance and operational challenges in the near future. Just as cloud transformation required new security strategies, AI requires a rethinking of identity and access governance. Leaders who prepare for this shift by investing in knowledge graphs, digital twins and dynamic access governance will not only mitigate risk. They will position their organizations to fully leverage AI's capabilities while maintaining trust and compliance. AI is not a future consideration. It's happening now. The question is not whether organizations should adopt AI, but whether they are ready to do so securely. Leadership in the age of AI requires a proactive stance on identity governance, ensuring that AI-driven transformation is as secure as it is innovative. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Forbes
26-06-2025
- Business
- Forbes
The Rise Of False AI Insights: When More Data Means More Problems
Sometimes AI also generates false insights, providing an answer based on real data, but data that is ... More outdated, incomplete or inaccurate. Apple found itself in hot water when news broke that the Apple Card was offering lower credit limits to women, regardless of their financial profiles. The fault lies with the AI algorithm used to analyze creditworthiness; the training data for the algorithm included historical lending data that reflected gendered biases. The lesson here is straightforward: AI makes mistakes. Sometimes AI hallucinates, filling in gaps in data to provide a 'made up' answer—a phenomenon where the model generates plausible but incorrect information. But sometimes AI also generates misinformation and false insights. It provides an answer based on real data, but data that is outdated, incomplete or inaccurate. For example, say you ask AI to pull average salaries for a role at your company. For some reason, the 2020 salary document was opened more recently than the document for 2024. The AI tool thinks the 2020 document is the most relevant, so it uses that data to provide an answer. It's a false AI insight—AI provided an answer based on real data, just not the correct data. As leaders increasingly turn to AI for help with data-driven decision-making, it's important to understand how false insights occur, how to prevent them and what this means for data governance. How Does Too Much Data Lead To False AI Insights? It's no secret that many organizations are drowning in data. On average, organizations leverage nearly 900 apps, with each modern business application collecting and running on a staggering amount of data. This creates a critical challenge: AI requires masses of clean data to produce trustworthy, valuable results. Companies certainly have the volume of necessary data. But where most organizations fall short is in the quality of their data. It's impossible to clean up all their data and properly govern each data point—there's simply too much of it. Consider the possibilities for fake insights from AI when employees start using a tool like Microsoft Copilot. Copilot scans all the documents across the entire system for answers to questions, crafting a response based on what seems relevant. It's not always right. Copilot could pull data from an outdated document from a long-gone employee—not exactly a relevant or trusted source of information. What's more, with new tools such as Microsoft Fabric, a cloud-based, end-to-end data analytics platform, employees are more empowered than ever before to access and act on data. While this creates massive opportunities for organizations, it also multiplies the potential for exposing AI to ungoverned, unmanaged and inaccurate data. It's a catch-22. Governing every piece of data isn't feasible but letting AI access ungoverned data leads to unreliable results. And restricting AI to only well-governed data may limit its usefulness. So what's the solution? How can leaders harness the power of AI and ensure AI doesn't just produce misleading insights? What's needed is a new mindset around governance. Prevent AI Misinformation With A New Output Governance Mindset The age of AI requires a new governance mindset. What's out: governing all the individual data points. What's in: Governing the outputs of AI tools through end-to-end testing strategies. This change in approach will allow organizations to encourage innovation and take advantage of AI while also mitigating the risks of fake insights leading to poor data-driven decision making. Big picture, this new governance framework allows teams to access a broad array of data—including raw or ungoverned data—to build automation tools. But before the tool is brought to production, it must go through a governance checkpoint to evaluate the model and its outputs using standard test cases. The scale and speed with which these innovations occur requires that the testing framework leverage automation to keep up. Skipping this governance checkpoint essentially means letting people create powerful and untested tools for decision making, which could be disastrous to an organization's future success. In addition to a governance checkpoint, each AI tool should be closely monitored during its first 90 days of deployment. This period requires proactive monitoring, with a plan to transition to reactive monitoring once the team gains confidence in the tool's performance. Proactive monitoring involves direct human oversight—reviewing logs, evaluating test cases and using AI-based guardrails to observe the tool's behavior in real time. Once the tool has demonstrated reliability, the team can shift to reactive monitoring, which relies on other AI systems to detect anomalies and trigger alerts when potentially unacceptable behavior occurs. Good output governance means using AI to help govern AI. Think of it like this: the AI doing the actual work—like analytics—is the adult in the room, capable of complex reasoning. The AIs that monitor it are more like kids: they don't always get the big picture, but they're great at shouting, 'Hey! That's not okay!' when something clearly breaks the rules. Another tactic to prevent AI misinformation and inspire confidence in the output from AI is to require AI tools to include annotations in their responses. With every factual question an employee asks of an AI tool, it should list where it's pulling the data from. Employees can quickly scan the annotations and decide if the data sources are trustworthy and make sense. (Needless to say, annotations are most appropriate for AI tools intended for internal use.) AI requires masses of data to work correctly. Organizations have no shortage of data, but most struggle applying data governance to their thousands upon thousands of data points. The solution isn't to lock data away or just let AI loose on ungoverned data. Rather, leaders need to reconsider their governance mindset, putting in place a robust end-to-end testing strategy for any new AI tools to ensure the outputs are accurate and decrease the likelihood of AI producing false insights, leading to poor decision making. By shifting their mindset from data governance to output governance, organizations can unlock AI's potential—without falling victim to AI misinformation.
Yahoo
19-05-2025
- Business
- Yahoo
Citigroup to shed 200 IT contractor jobs in China
Citigroup is eliminating up to 200 IT contractor positions in China, reported Reuters, citing undisclosed sources. The news agency further noted that the bank seeks to hire more full-time staff to improve risk management and data governance. This decision follows a fine imposed by US bank regulators last year July, amounting to $136m, for Citigroup's "insufficient progress" in addressing data management issues. Last week, approximately 100 IT contractors at Citigroup Services and Technology China were informed that their contracts would not be renewed, with another 100 anticipated to be notified shortly. The sources noted that Citigroup Services and Technology China, founded in 2002, employs a total of around 3,000 individuals. It is currently unclear how many of these employees are contractors. The unit in question provides support for Citigroup's global operations, which span 20 countries and regions, including New York, London, and Hong Kong. Citi was quoted by Reuters as saying: "As part of the regular business operations of Citigroup Services and Technology (China) Limited (CSTC), we review our HR strategy on an ongoing basis, including decisions about renewing (fixed term) employment contracts." "When decisions are made on non-renewal of fixed term contracts, this will be done in compliance with applicable laws, regulations and procedures. We are committed to supporting impacted employees," the bank added. Earlier this year, Citigroup head of technology Tim Ryan, revealed plans to reduce the bank's reliance on external IT contractors, lowering their share of the workforce from 50% to 20%. In China, the bank is offering 'severance package' to most of the affected contractors, calculated based on their length of service. Citigroup's banking operations in China extend beyond IT, with plans underway to set up a securities division. A spokesperson for Citigroup in Hong Kong stated that the bank's business strategy and commitment to serving both local and global clients in China remain steadfast. For the first quarter of 2025, Citigroup reported a net income of $4.1bn on revenues of $21.6bn. "Citigroup to shed 200 IT contractor jobs in China " was originally created and published by Retail Banker International, a GlobalData owned brand. The information on this site has been included in good faith for general informational purposes only. It is not intended to amount to advice on which you should rely, and we give no representation, warranty or guarantee, whether express or implied as to its accuracy or completeness. You must obtain professional or specialist advice before taking, or refraining from, any action on the basis of the content on our site. Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
National Post
13-05-2025
- Business
- National Post
Behavox Launches Data Risk Controls and Reconciliation Program to Strengthen Compliance Frameworks
Article content NEW YORK — Behavox, an AI insights company that transforms structured and unstructured corporate data into insights that safeguard and enhance businesses, today announced the launch of its Data Risk Controls and Reconciliation Program. This initiative is designed to help organizations fortify their data risk management strategies in response to increasing regulatory scrutiny. Article content Article content For the past four years, Behavox has worked closely with Global Systemically Important Banks (GSIBs) and Commodities Traders to enhance their data controls, ensuring alignment with global regulatory expectations. Given heightened scrutiny from internal governance teams, as well as regulatory bodies such as the FCA, ASIC, U.S. Securities and Exchange Commission (SEC) and the Financial Industry Regulatory Authority (FINRA), Behavox has observed a significant rise in firms prioritizing data integrity, reconciliation, and governance. With Behavox's support, clients have successfully passed external and internal audit and remediation efforts. Article content Today we are formally announcing the Data Risk Controls and Reconciliation Program, because we appreciate that even organizations that are not clients of Behavox care about market and data integrity. Due to this gap in the market, Behavox is offering a structured framework to support firms in achieving end-to-end data governance. This includes: Article content Data Risk Assessment – This initial phase focuses on identifying potential gaps in existing data integration, mapping key data elements, and evaluating the effectiveness of current risk controls. Firms receive detailed risk assessment reports outlining data flow dependencies and integration weaknesses. Implementation of Risk Controls – Based on the audit findings, customized risk controls are developed, incorporating both preventative and detective measures to strengthen data governance. This includes data ingestion monitoring, reconciliation protocols, and compliance documentation. Ongoing Monitoring & Reconciliation – Organizations receive Data Quality (DQ) reports, trend analyses, and real-time risk assessments to maintain proactive oversight of their data landscape. We also train Data Administrators to understand their responsibilities, vendor responsibilities and to put in place more sophisticated data risk controls. Article content Since the inception of this initiative, Behavox has engaged in eight large-scale implementations, helping firms navigate complex regulatory landscapes while maintaining operational efficiency. Article content Francois Suarez, Head of Subject Matter Expertise at Behavox, added: ' The scrutiny we've seen across the globe in the last 12 months is growing, and it's not just about fines. Firms will always be asked questions about the robustness of their surveillance programs. In our discussions with customers and peers, regulatory bodies as well as internal governance teams are intensifying their focus on data integrity, and firms must demonstrate a proactive and reasonable approach to managing their data risk. The Behavox Data Risk Controls Program enables organizations to implement best-in-class risk controls that are both practical and effective.' Article content Join the Conversation Article content To support firms in adopting effective data risk controls, Behavox invites compliance and data leaders to: Article content Participate in the Data Administrator Certification Program to enhance their expertise in data governance. Join the Data Risk and Controls Webinar on May 27, 2025. Join Behavox's exclusive series of roundtables, where industry experts will discuss best practices, challenges, and strategies in data risk management. Article content Behavox is an AI company that transforms data into insights that safeguard and enhance businesses. Article content Our proprietary technology and industry-specific LLM empowers users to benefit from AI without becoming a domain expert. Article content Our global client base includes banks, hedge funds, private equity firms, crypto firms and other non-financial companies. Equipping them with quality, cost-efficient insights, our solutions enable them to: Article content Founded in 2014, Behavox is headquartered in London, with offices worldwide, including in New York City, Montreal, Seattle, Singapore, and Tokyo. Article content Article content Article content Article content Article content Article content
The Independent
07-05-2025
- Business
- The Independent
The first domino: why data governance holds the key to digital transformation
Bluestonex is a Business Reporter client Organisations everywhere are racing to undergo digital transformation, eager to harness advanced analytics, artificial intelligence and automation to sharpen their competitive edge. Yet amid the rush towards innovation, a fundamental issue is often ignored: the quality and governance of the data underpinning it all. At the recent SAP BTP Summit in London, Bluestonex observed a striking statistic – 65 per cent of attendees admitted their organisation's data quality was poorer than average in the room. This raises a critical question: how can businesses expect transformative outcomes from data that is fundamentally flawed? The truth is stark: technology alone doesn't drive change. Successful digital transformation hinges on a solid foundation of robust, reliable data governance and management. Overlooking the basics Despite this clear dependency, many organisations sidestep governance in their urgency to modernise. Tempted by new technologies, leaders often overlook the structure and integrity of their data. Governance is assumed to be 'handled' or treated as a back-office task – an error that proves costly down the line. There's a misplaced belief that technology can compensate for deep-rooted operational gaps. It can't. When digital programmes are launched without first ensuring data is accurate, accessible and accountable, the result is a sophisticated system built on unstable ground. The impact? Strategic initiatives that look impressive on paper but deliver little in practice. When data undermines transformation Poor data quality is one of the most underestimated threats to digital transformation. When information is inaccurate, outdated, incomplete or duplicated – the four horsemen of the digital transformation apocalypse – it quietly compromises every system and decision it touches. At first, these issues seem minor. But as transformation efforts scale, their impact becomes impossible to ignore. Automation misfires. AI models underdeliver. KPIs become meaningless. Dashboards distort reality. Decision-making stalls and confidence in the transformation strategy begins to crack. This is where businesses falter – not because the technology is broken, but because the foundation beneath it is. Without governance, visibility and quality at the core, transformation becomes a frustrating layer of complexity. Innovation built on bad data delivers confusion, not clarity. Smart organisations are recognising this risk early and responding with intent. By investing in governance frameworks and MDM tools that manage quality, enforce standards and provide transparency across domains, they are laying the groundwork for transformation that lasts. Real-world proof: a true data governance transformation One organisation that took this approach to heart is WaterWipes, a global leader in sensitive skincare products. In just 18 months, it transitioned from a bespoke legacy system to a modern SAP ERP landscape – in the process making the final of the SAP Innovation Awards 2025. But as go-live approached, a critical issue emerged – data governance had been overlooked. For a brand trusted by healthcare professionals and parents alike, this wasn't just an operational concern, it was a reputational risk. Regulatory compliance, product traceability and global reporting all depended on data integrity. WaterWipes responded quickly. It implemented a scalable data governance solution built on SAP BTP called Maextro, capable of managing critical data domains with built-in validation, automation and transparency. The results were immediate: a 50 per cent acceleration in data processing, a 30 per cent reduction in implementation costs and a clean, compliant core that now powers future innovation. That journey serves as a clear reminder: data governance isn't a nice to have. It's an essential safeguard that protects transformation investments – and, in many industries, customer trust. Stepping back to move forward To unlock the full value of transformation, businesses must be willing to take a step back. That doesn't mean halting progress; it means anchoring innovation in something solid: clean, governed and trusted data. It starts with a clear-eyed audit. Where are the gaps, duplicates and inconsistencies? From there, assign ownership – appointing data stewards and governance leads who are responsible for maintaining accuracy and compliance. These steps, though unglamorous, lay the path to sustainable change. Crucially, data governance isn't a one-time project. It's an ongoing discipline. When embedded into transformation roadmaps from day one, it becomes a strategic enabler, not a barrier. It ensures the first domino is in the right place – so the rest can fall exactly where they should. Build on what matters most Digital transformation is often portrayed as a race towards innovation – but real progress is more tortoise than hare. It begins by building trust in your data. Governance provides the framework for that trust, by managing ownership, ensuring quality and enforcing consistency. It doesn't have to be overwhelming. Start by identifying high-impact data domains, assigning responsibility and introducing clear rules. Scalable master data tools – many available on platforms such as SAP BTP – can help automate and enforce this, providing visibility and control as transformation expands. Don't treat data governance as an afterthought. Make it the foundation. Because when done right, it doesn't slow you down – it's the first domino that enables everything else to move forward with confidence.
