It’s no secret that I’m a startup guy. I love the closeness and camaraderie of a small team. I love whiteboarding until the wee hours of the night, determined to solve the issue at hand. I love the passion of a founding team of visionaries. But most of all, I love the unencumbered innovation. Startups have the freedom to discover, explore and solve real customer problems that inhibit business potential.
From Legato to Invio to Redhat over the past three decades, I’ve worked across multiple layers of the modern data stack. I have seen the shift from on-premises data center storage to cloud-delivered data platforms to today’s AI-driven data services. Data is no longer a backend function. Today, data is the product, and companies are racing to extract the tremendous value locked up in their data.There hasn’t been a more exciting time to be part of the data tooling ecosystem.
Like every “gold rush”, the modern data stack is going through a period of profound chaos - specifically around the need to secure the underlying data. Securing expanding threat surfaces and meeting compliance mandates are proving to be increasingly complex, labor intensive and expensive. Foreseeing this blocker to innovation, I co-founded Acante with Uday, Abhishek, Advait and Dhruv. We’re re-imagining data security for the modern data stack, so organizations can continue to innovate without compromise.
Since founding the company, we’ve met with more than 100 customers and prospects, folks up and down the IT stack who are rethinking how they provide access to data to the right user at the right time for the right use. Along the way, we discovered some interesting (and surprising) insights and some core principles that have guided our product development. While digital transformation and the cloud have evolved how business applications are delivered, we are in the early stages of this new data-driven economy. And we are just beginning to understand the new requirements this creates.
Here are a few key insights:
1. Data-driven business agility is at risk of becoming a liability
The sheer amount of data that organizations are gathering, the multitude of platforms they use to process and transform it, and the wide-ranging scope of their data initiatives — from customer experience to generative AI — is creating turbulence throughout operations. Unfortunately, complexity is the enemy of security. Organizations are struggling to know exactly who is accessing what data and for what reason.
In order to truly capitalize on data-driven transformation, organizations need to regain visibility and control into their data access and use.
2. Data teams need to be part of the data security solution
Many of our early conversations with customers opened our eyes to this dynamic. We’d set up a meeting with the security team, and inevitably, they’d pull in the data owners. We’d then spend most of our time with them, hashing out how we can help them deliver on their mission without increasing risk. It made us realize that security teams are looking to define and maintain the data security framework. Just like application owners are responsible for securing their applications, they want data owners to be accountable for the security of their data.
For us, this meant that they need security solutions that are built specifically for data teams and that work seamlessly with their data tooling ecosystem.
3. Security should be measured through a business lens
It is clear that the role of the CISO is changing. They are no longer measured only on how many threats they’ve stopped or whether they’ve delivered on compliance requirements. Forward-leaning security leaders are now taking on more of a business role within the organization. They are measuring themselves on KPIs such as, “Can I quantify the risk to my crown jewels - my critical data?” “How long does it take us to grant access to data?” and “What is the time / cost associated with demonstrating compliance?” If security is all that matters, then the most secure data would be locked in a bunker one mile below the surface of the earth. But that would render the data pretty useless.
Security leaders are increasingly making compliance and risk-weighted data access decisions in accordance with business objectives.
4. The data-centric transformation of business is an opportunity to rethink security
Remember the days when the first thing a security team would do was to deploy a firewall? Those were different times. Today, it’s all about data: where it lives, where it goes, who needs it and why they need it. And you can’t apply yesterday’s best practices, tools, processes and skills to today’s reality.
We have an opportunity to fundamentally change how we secure the organization with a data-centric security approach that provides an order of magnitude higher ROI for their security investments. A security model that focuses not on securing the infrastructure but on directly securing the data and data access.
5. Any friction slows the product adoption journey
Engineering teams want to move, and move fast. They don’t want to wait for days to get access to their data. They don’t want products that take days to learn and deploy. They don’t want long complex sales cycles. They don’t want products that require a headcount to maintain. Security teams want to enable agility and provide their engineering teams with the tooling that allows them to move fast without sacrificing security.
They love products that are easy to trial and get going in minutes. Tools that integrate seamlessly with existing workflows. And products that quickly drive up productivity. Eliminating friction at every stage of the customers’ product adoption journey needs to be at the center of our every product development decision.
I’d love to hear from you
The world of data security is radically changing, giving organizations a unique opportunity to reset and rethink how they can provide security across an ever-expanding attack surface. This is why we founded Acante and what we’ll be focusing on in the years ahead. We’ve brought on board some stellar business advisors and investors – including Clear Ventures – on this journey who are going to help us focus our efforts on securing and enabling the data-driven business. Please, I urge you to reach out at any time to discuss how secure data access can become an enabler of innovation and productivity. Email ranga at acante dot ai.