BMC Software is a Business Reporter customer
Today’s organizations are committed to collecting and analyzing as much data as possible from new, old, and evolving sources, but they continue to have varying levels of success in extracting value from it. The data itself is not necessarily the problem, but rather the source of the data and its use—and the people, processes, and technology they encounter along the way—that can amplify or obscure its value.
The explosive growth of data in recent years has spawned its own operational category: DataOps. And how organizations incorporate DataOps best practices makes all the difference in achieving successful data management and corresponding data-driven outcomes.
BMC’s recent report in collaboration with 451 Research and S&P Global, “Putting the “Ops” in DataOps: Success Factors for Operationalizing Data,” concluded that defining a successful DataOps approach comes down to what you want data to do for your business. And that approach needs to be tailored to your organization’s specific conditions and goals.
The factors that contribute to data-driven business success are often as variable as the demographics of the organization. Company size, geography, data management maturity, DataOps best practices, operating model for data management and data delivery functions (whether centralized, federated, or hybrid), and the application of technologies such as artificial intelligence and machine learning (AI/ML) in data management can all influence the business value an organization creates from its data.
DataOps is the key that will enable businesses to unlock greater agility and resilience amidst a fluctuating economy and increasing competition and regulatory requirements. But this means successfully implementing DataOps practices, technologies, and insights to make the most of their data management initiatives.
In our report, we classify an organization’s maturity based on its data management strategy, practices, and architecture. The four data management maturity profiles are:
- Developing: Strategy is developing, but practices and architecture may not yet be closely linked to critical business outcomes.
- Functional: The strategy is largely developed, with some high-priority data practices and architectures tied to critical business outcomes.
- Competent: The strategy is fully established, with almost all data practices and architectures tied to critical business outcomes.
- Exceptional: The strategy is continuously optimized, with data practices and architecture that drive new sources of value.
Considerations on data governance
Of particular interest to European companies is the growing list of compliance requirements, especially around the protection of customer data and personally identifiable information (PII). A significant number (65%) of respondents said they currently actively collect and/or manage data specifically to support their corporate governance or responsibility initiatives.
According to the report, “[As] “The data-driven regulatory landscape continues to proliferate and become more nuanced across geographies and sectors, and organizations with developing maturity will likely need to allocate resources to meet “reactive” external requirements as much as they allocate resources to more “proactive” efforts toward generating business value with data.”
As we have seen with recent global breaches and hacks, improper handling of customer data can have far-reaching consequences for a business, from significant fines and enforcement to reputational damage that harms relationships with customers, partners and suppliers. Externally imposed regulatory mandates and requirements can be a useful call to action for organizations to exert more granular control over their enterprise data assets, with additional benefits that go beyond simply complying with regulatory considerations.
The report concludes that exceptionally mature organizations have already systematically addressed externally imposed, defined, or prescriptive requirements related to data management and control. That said, such organizations still need to be forward-thinking and collaborative, and keep up with the reality of their technological capabilities. That way, they can prepare for future requirements and collaborate with regulators or partner organizations to define what is appropriate and defensible in terms of data management and control.
DataOps and regulations
Another key finding of the report is that European organisations are at the forefront of active data management practices that leverage emerging technologies. They also tend to be more regulated in terms of data-related compliance and AI requirements. One example of this is the Digital Operational Resilience Act (DORA) It will come into force throughout the EU on 17 January 2025.
The law is designed to improve the operational resilience of digital systems supporting financial institutions operating in European markets. It aims to guide organizations in building resilient frameworks, with a comprehensive focus on service visibility, risk mitigation, business continuity, incident management, and governance. Under this new legislation, shared information must comply with relevant guidelines and personally identifiable information must meet the criteria of the EU General Data Protection Regulation (GDPR). By establishing strong DataOps practices, EU organizations can stay ahead of the competition in compliance readiness.
Considerations for data compliance
The Digital Operations and Resilience Act covers five considerations that organizations should keep in mind as they move toward compliance, and all apply to data:
- ID: Understand the risk to systems, people, assets, data, and capabilities, including business context, policies, and vulnerabilities.
- Protection: Ensure safeguards are in place to limit or contain the impact of a potential cybersecurity incident. Strengthen defenses to ensure the integrity and security of critical data and systems.
- Detection: Discover threats, cybersecurity events and anomalies in real-time and understand their potential impact for rapid mitigation.
- Answer: Take steps to limit the impact of these threats, cybersecurity events and anomalies by having well-defined response mechanisms and protocols in place.
- Recovery: Ensure that systems can return to normal conditions efficiently and effectively.
Conclusion
Data is a critical business driver (for some, the primary one), so controlling it—and the people, processes, and technology that maximize its value—is an organizational imperative.
Can Read our full report hereand Take the data maturity assessment here to discover where your organization is in its development and what areas you need to address to leverage data and achieve successful outcomes.