STARCIO

drive digital transformation

STARCIO

StarCIO Drive: Agility, Innovation, Transformation
Drive: Agility, Innovation, Transformation

Welcome to Drive

Drive has 700+ articles for digital transformation leaders written by StarCIO Digital Trailblazer, Isaac Sacolick. Learn more.

Data Privacy Week Is Over. Now Comes Leadership Accountability

We’ll recap Data Privacy Week, what we learned, and why it matters, at this week’s Coffee With Digital Trailblazers. I deliberately chose to cover data privacy one week after its commemorative Data Privacy Week. Organizations need action more than words and policies. As AI increases data’s use cases and value, areas of data privacy, security, and governance are falling behind.

Data Privacy Week Is Over. Now Comes Leadership Accountability

Top data breaches in January included:

  • A 1.4 TB internal breach at Nike.
  • Mellwood’s ransomware attack may have exposed customer data.
  • A breach at SNP Transformations exposed social security numbers.

Stinson reports a surge in lawsuits related to online privacy. They tracked claims filed in 315 courts across 45 states and DC against 3,512 unique defendants. While 20 US states passed comprehensive privacy laws, none were added in 2025.

My main takeaway from Data Privacy Week is that executives need to step up. Here’s a recap of three of my discoveries.

Safety, security, and privacy are all C-leader responsibilities

The Coffee With Digital Trailblazers episode on CIO and CMO: Partnering on AI to Drive Growth took an unexpected turn. We had plenty of growth examples that I will share in a future article. But CMOs quickly highlighted the importance of data privacy and security in their marketing responsibilities.

“Safety and security are not one department’s job,” said Adrianna Hosford, chief communications officer and head of marketing at Artera. “The CMO and the leadership team need to know that, because sometimes I think relationships can go wrong when there’s a dialogue in which the CMO wants one thing and the CIO wants another. But truly, if everyone is here to grow the business and do what’s best for it, we actually share many goals. At our company, security is one of those.”

Here’s how Adrianna explains the importance of data security to marketers. “If there is a security breach, a reputational issue, or a major crisis, guess who’s dealing with it? You, marketer. You’re dealing with it from a brand, PR, and reputation perspective. So it’s in your personal best interest to make sure that safety and security are a culture across your whole company,” said Adrianna.

CISOs, chief privacy officers, and CIOs, take note. Lead steps to get your CMOs and communication heads on board with the data privacy, security, and governance agenda.

AI governance is lagging behind the drive for experimentation

Here’s another reason to involve the CMO and marketing in advancing the data privacy, security, and governance priorities.

According to the 2025 SAS Report on Marketers and AI: Navigating New Depths, 85% of marketers are using GenAI, and 93% have a dedicated GenAI budget for 2025/2026. But only 8% of marketers are very confident in their organization’s AI governance. Also concerning is 45% of agentic AI adopters identified data privacy as a concern with AI use in their organizations.

I’m floored by the low confidence. It’s like the Board approved a fat budget to test-drive Ferraris. Then, CMOs gave those Ferraris to their staff to drive at 180mph without teaching them how to or ensuring there were safety guardrails in place.I

If marketers aren’t confident in their organization’s AI governance, they should step in and take appropriate data privacy measures for the data they use most – customer data.

Worse, if 45% of AI adopters have concerns about data privacy, that implies 55% do not.

“At the organizational level, adopting a privacy-first approach to data management is no longer optional,” says Greg Clark, director of product management and strategy OT enterprise cybersecurity at OpenText. “Building privacy into data practices from the start helps reduce the risk of breaches, regulatory exposure, and operational disruption. Just as importantly, it enables secure collaboration and analytics—allowing teams to share, analyze, and extract value from data with confidence, rather than locking it down or slowing the business.”

Data privacy recommendations for CMOs

  • If you can’t champion and market your organization’s approach to data security and privacy to your customers, then raise the concerns with the executive leadership team and drive the closure of gaps as a strategic priority.  
  • Hire a third-party auditor to determine whether data privacy guardrails align with policies.
  • Train staffers in marketing, IT, and infosec on data policies, regulations, and objectives. Foster a shift-left mentality around data security and privacy, so that they are addressed in parallel to AI initiatives.

Data privacy and security need action, not just policies

Training is a key element of data governance, security, and privacy. Gary Orenstein, chief customer officer at Bitwarden, says it’s clear that privacy is no longer defined by where data lives, but by how access to it is controlled.

Orenstein says, “Digital lives across work and personal environments now coexist on the same devices, accounts, and browsers, blurring access boundaries and expanding the exposure of any single privacy gap. Modern security strategies must account for the fact that the same credentials unlock work systems, personal accounts, and family devices, so privacy can’t be treated as a downstream add-on.”

So, identity is an issue, endpoint security is a major concern, and access control is a growing challenge. Locking down systems is no longer an optiomn. To become a data-driven organization and build smarter AI models, data has to be moved to where users, models, and AI agents need it.

“When vendors tighten commercial or technical controls, it stops being about security and starts being about control,” says  Fivetran CEO George Fraser. “Customers should decide how and where their data moves. Restricting access forces sensitive data to stay inside a single vendor’s stack, limiting transparency, independent auditing, and the privacy safeguards customers rely on. If customers can’t use the tools of their choice to move their own data into platforms like Snowflake, that’s not protecting privacy. It’s reducing it.”

CIOs, chief data officers, and CISOs should consider horizontal approaches to managing data security and privacy. Data fabrics and data movement platforms can expand access to data. Data security posture management (DSPM) brings several data security practices into a single management framework.

What lessons did you learn this week about data privacy and security? Join the conversation at this week’s Coffee With Digital Trailblazers!

Published on:

Topics:

, , , , ,

Share on:

Leave a Reply

StarCIO

My company, StarCIO, provides leadership, learning, and advisory programs for companies looking to accelerate delivering business value from digital transformation. Contact me if you’d like to learn more about partnering opportunities.

Isaac Sacolick

Greetings from Isaac Sacolick

If you enjoy my thought leadership, please sign up for the Driving Digital Newsletter and read all about my transformation stories in Digital Trailblazer.

Coffee with Digital Trailblazers hosted by Isaac Sacolick

Digital Trailblazers! Join us Fridays at 11am ET for a live audio discussion on digital transformation topics:  innovation, product management, agile, DevOps, data governance, and more!

Join the Community of StarCIO Digital Trailblazers

About Drive

Drive Agility, Innovation, Transformation

Drive is the blog for digital transformation leaders brought to you by StarCIO and Isaac Sacolick.

Agility, Innovation, and Transformation are the three primary digital transformation core competencies that every StarCIO Digital Trailblazer must champion in their organizations. Learn more About Drive.

About the StarCIO Digital Trailblazer Community

StarCIO Digital Trailblazer Community

Revolutionizing traditional learning, networking, and advising experiences.

Visit the community

About StarCIO

Learn More about StarCIO

About Isaac Sacolick

Isaac Sacolick

Author, 1,200+ articles, keynote speaker, Chief StarCIO Digital Trailblazer. Full bio

Driving Digital Newsletter

Driving Digital Newsletter

StarCIO Guides

Learn StarCIO Agile Planning

Digital Trailblazer

Digital Trailblazer by Isaac Sacolick

Driving Digital

Driving Digital by Isaac Sacolick

Driving Digital Standup

Driving Digital Standup

Coffee with Digital Trailblazers

StarCIO Coffee With Digital Trailblazers

Recognition

reworked imapct awards 2026 Judge
InfoWorld 2025 Judge
InfoWorld Technology of the Year 2024 Judge
Thinkers360 Top 10 in IT Leadership
Thinkers360 Top Agile Thought Leader
Thinkers360 Top DevOps Leader
Thinkers360 Top in Digital Transfomation
Thinkers360 Top in Analytics
Thinkers360 Top in Product Management

Discover more from StarCIO Digital Trailblazer Community

Subscribe now to keep reading and get access to the full archive.

Continue reading