IT security executives must begin using more progressive risk management techniques if they ever hope to get ahead of data breaches, malicious attacks and emerging compliance regulations, according to Steven Adler, program director of IBM’s Data Governance Solutions unit and chairman of the Data Governance Council industry group.

The only way to prevent continued security failures in the future will be by taking a closer look at how the organization can embrace risk management and data governance today, he said. “Every market is an arbitrator of fear and greed, and information about risk is what we all use to make educated decisions. We need new data governance standards to help companies engage in smarter risk calculation, modeling, forecasting, and analysis on a much more systemic basis,” said Adler.

“CIOs are already collecting reams of data that could help with risk calculation in their logs, identity management systems, and intrusion prevention tools, but most of the time, it sits uncorrelated, uncompared, and unanalyzed,” he said.

“These companies have a wealth of information that could help them calculate risk more effectively; as an industry, we need to talk more about new data models, analytical tools, and what future standards need to look like. That’s the type of thing that the Data Governance Council believes in.” By Matt Hines