Discovering the future of data management

Taking a proactive approach to data management dilemmas.

Aby Rao

Aby Rao

Director Advisory, Cyber Security Services, KPMG US

+1 215-301-3636

Nathan Roberts

Nathan Roberts

Associate Advisory, Cyber Security Services, KPMG US

+1 814-262-5516

In today’s world, organizations deal with massive amounts of data. This expansive data ecosystem includes everything from customer records kept by online retailers and sensitive production information managed by software development teams to customer data shared with third-party vendors.

While this data is the driving force behind the digital world we live in, it can also prove to be a challenge for risk managers, security professionals, and governance teams who seek to verify and ensure the integrity and security of their organization’s data. Bearing in mind the sheer quantity of data that is only increasing at a rate of around 50% per year according to a 2020 report by BusinessWire1, keeping good tabs on this data is challenging, or even impossible, if done manually.

It is clear that organizations need modern solutions to manage data - manual tracking of data simply does not cut it anymore; and outsourcing data discovery to third-parties is not only costly but it only provides a partial snapshot into your data rather than a comprehensive, continuous view.

The solution to these challenges lies in modern data discovery tools that leverage artificial intelligence and automation. Data discovery is the collection and evaluation of data from various sources and is used to make informed business decisions. Automated data discovery tools will automatically scan repositories, documents, network traffic, and more, all while compiling and presenting the sensitive data that matters most. These tools serve as an enabler of data security, proper data governance, and regulatory compliance by providing thorough, clear, and ongoing insights into your data.

Current Data Risks

The need for data discovery tools is in large part brought about by the risks of mismanaging your organization’s sensitive data. These risks, much like the amount of data, are more numerous than ever before. According to a recent report shared in IndustryWeek from the Association of Certified Fraud Examiners, 33% of examiners report a “slight increase” in cyber fraud such as hacking and breaches, while 52% report a “significant increase"2.

Data breaches can occur for a variety of reasons, but poor data management is often a culprit. It is not uncommon for a breach to occur simply due to sensitive data existing in unsecured environments. Breaches of this nature, which often compromise tens or even hundreds of thousands of users, are a fairly common occurrence in spite of being easily preventable. In 2020 alone, there were several high-profile companies, such as a popular family lineage service and several popular video sharing platforms, who suffered breaches that occurred due to users’ sensitive data being left in unsecured environments and presumably forgotten about. In these cases, a combined millions of pieces of sensitive data were found in unsecured databases or servers. These breaches could have been easily preventable if sensitive data was more closely monitored.

When it comes to data breaches, however, undetected vulnerabilities in applications remains the most common way by which access is gained to private data. In early 2020, state-sponsored attackers carried out a massive breach on United States government agencies, compromising countless records and conducting damaging cyber-espionage. This breach was one of the largest ever recorded and could have been prevented or at least minimized with more securely designed applications3. As bad actors continue to launch increasingly sophisticated attacks, applications must be more secured than ever. Monitoring the flow of data throughout each step of the development process is a leading way to create the most secure applications possible. This monitoring can be facilitated through data discovery tools and could serve as an aid in making highly secure applications.

Aside from data breaches, the rise of consumer data privacy regulations such as Europe’s General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) establish strict guidelines as to how customer sensitive data should be handled. These acts include a consumer’s right to request to view or delete any records that an organization is holding on them and general guidelines regarding securing this sensitive data. These regulations are continuing to emerge, and costly fines and bad PR means compliance is a necessity.

Data Discovery as a Solution

Make no mistake, challenges related to securing and managing data across an organization is a daunting task, with failure to properly do so being costly – often leading to financial and reputational damage. Data discovery tools serve as an invaluable asset to rising and meeting these challenges.

Data discovery tools enable the monitoring of where data is located, preventing sensitive data from being left unmasked in unsecured environments, putting an end to the risk of preventable breaches. Data discovery is also an invaluable tool to monitor and track the data flow of an application in development, allowing for adjustments to be made for any vulnerability in the data flow. This is the foundational idea of DevSecOps, and data discovery is a key component to meeting the principles of DevSecOps and securing your applications to a modern standard. Finally, data discovery ensures the proper management of customer data, enabling tracking, presentation, and deletion of customer data quickly and easily, significantly simplifying staying in compliance with privacy regulations.

While there is no one solution to the challenges relating to data that are faced today, data discovery sits at the forefront of resources that ought to be leveraged. Simple, automated data discovery tools are emerging and offering the insight needed for proper security and governance, regulatory compliance, and data management.

These key insights are the pathway to better securing and managing data, preventing breaches, and making today’s digital economy safer for everyone.


  1. BusinessWire web site, News section, September 1, 2020
  2. IndustryWeek web site, Technology and IIOT – Cybersecurity, April 20, 2021
  3. ZDNet Web site, Security, January 14, 2021