Data stewardship is a component of data governance. If you think of governance as a strategic and formal process, you can think of stewardship as a tactical and social construct in support of governance. Practicing good data stewardship prepares an organization to recover efficiently from a ransomware attack.
Stewardship embeds standards and best practices into corporate culture, supports rapid discovery of attack vectors and ubiquity of impact, and implies effective governance of data as news of an attack reaches clients, customers, and public scrutiny.
Data Stewardship and Corporate Culture
To the modern workforce, culture is often held in higher regard than compensation. If you feel that statement is in error, consider the great resignation of 2021. Droves of people traded in their stress, along with their big paychecks, to find a better cultural and lifestyle fit.
How is this relevant to ransomware? The impact of a ransomware attack, as with any disaster, is tempered in the presence of a strong corporate culture. As news of the attack circulates, a weak culture will point fingers and jump ship. A strong culture will assume a pragmatic posture and seek remediation. In a strong culture, employees and associates know that something they love is in danger. They mobilize—without request—to protect it.
Data stewardship plays a role in strengthening culture by federating data literacy across business functions that may not traditionally be involved in data governance. In the case of a ransomware attack, this prepares more of the workforce to inventory, gauge impact, and act to mitigate impact. Internal data stewards recruited across the entire organization become first-line stakeholders for ushering in recovery.
A data-literate culture can also help prevent ransomware attacks in the first place. Data stewards promote best practices for securing data, which include the responsibility of each individual to guard against things like email phishing scams that allow ransomware to enter the organization. If the ransomware never enters, there is no ransomware attack to resolve.
Impact, Attack Vector, and Remediation
Statistics on ransomware attacks are frightening. They’re getting worse every day. The best attack to deal with is no attack at all. At the same time, it would be naïve to assume your organization will never experience a ransomware attack. When that happens, data stewardship is a powerful component of any playbook for recovery.
Data stewards are usually subject matter experts in their respective areas. Technology workers may be extremely data literate, but they are not going to match the domain experience of the stewards. In turn, data stewards will not possess the technical acumen to resolve the attack directly.
Combining the domain expertise of data stewards with the technical skills of IT workers provides the fastest path to remediation. IT workers know what questions to ask as they attempt to discover attack vectors and measure impact. Data stewards either already know the answers or know where to get the answers. Stewards and IT can work together to remediate the attack while the rest of your organization goes about the day’s business.
Implied and Evident Data Governance
It’s no secret that proper data governance is a key component of cybersecurity. Many organizations have yet to adopt formal data governance, and many of those may never adopt it. While data stewardship is part of formal data governance, it can also provide benefits all by itself.
By forming a data stewardship council or committee, you create implicit data governance. The stewards will create standards and practices that are enforced through governance. Even in the absence of formal data governance, the stewards will take on a role that resembles governance. During a ransomware attack, they’ll assume this role as if governance were already in place.
Without formal governance, the primary difference lies in how much authority stewards have to enforce standards and practices. While having that authority to lean on is important in general, it’s not necessary, and stewards can still be useful during a ransomware attack.
The ongoing efforts of data stewards will make it evident, internally and externally, that data management and security are a priority for your organization. Make no mistake—if your organization is larger than a few people, it has a public profile, and it has a social media presence. Your data stewardship program can help if you need to calm internal worries or temper public opinion. The stewards are the “human” voice of data governance.
Finding the Stewards
Having data stewardship in place when a ransomware attack occurs better positions your organization to cope with and recover from the attack. Three benefits of data stewardship during an attack are:
- Standards, practices, and data literacy are baked into culture
- Measuring impact and discovering attack vectors, along with IT staff, for faster remediation
- Internal and external evidence of data governance, even without formal data governance
You can start identifying data stewards in your organization right away. All you need to do is visit a department and ask everyone who they go to when they see something on a report they don’t understand, or who the “power users” are. These individuals often have a natural affinity for the systems and data they work with, and are the perfect candidates to start with for your data stewardship program.
