Data governance & cybersecurity insights from Snowflake Summit | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

Data governance is fast becoming a pillar of enterprise security strategy as organizations confront data sprawl, multicloud complexity and the urgent need for responsible artificial intelligence integration.

As businesses strive to simplify data operations without sacrificing security or compliance, unified platforms are gaining traction for their ability to streamline controls and centralize oversight. This momentum is evident at Ebates Performance Marketing Inc., d/b/a Rakuten Rewards, which uses Snowflake Inc.’s data platform to strengthen its cybersecurity and compliance posture, according to Adam DeMonaco (pictured, left), chief information security officer at Rakuten Rewards.

“We’re using a bunch of different tools,” DeMonaco said. “But AI is a bit of that and some large language models to be able to discover and then classify and then ensure that we have the proper security controls based on the compliance requirements and best practices as well.”

DeMonaco and Brad Jones (right), chief information security officer and vice president of information security at Snowflake, spoke with theCUBE’s Dave Vellante and Rebecca Knight at Snowflake Summit, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed data governance, AI and the evolving threat landscape.

Centralized data governance in a fragmented world

Before adopting Snowflake, Rakuten Rewards contended with decentralized and fragmented security practices across its global footprint. By unifying data operations on Snowflake’s platform, the company has gained greater control, enhanced compliance and more agile governance, according to DeMonaco.

“There’s a rapid adoption of Snowflake across our organization, not just with rewards, but internationally,” he said. “The quick adoption has moved faster than our governance principles. It’s really around using the tooling within Snowflake and partnering with Snowflake to understand where there’s gaps and being able to fill those gaps as quickly as possible while also integrating to the security controls that we currently have in place.”

Snowflake’s architecture has also enabled Rakuten Rewards to securely collaborate with second- and third-party partners, even as the company continues refining its internal data governance framework, DeMonaco added. At the same time, it raises the stakes for maintaining strong security controls that account for data vulnerabilities both inside and beyond the Snowflake environment.

“It’s still a work in progress,” DeMonaco said. “Data governance is a program that’s continuously being built, and as it’s being built, we’re discovering new tooling, most of which is in Snowflake to be able to identify the discovery aspect of it, the classification [and] the tagging, the security controls around it. That is just an iterative process that continues to be developed.”

Built-in data governance across multi-cloud terrain

Enterprises managing infrastructure across multiple cloud service providers face significant governance complexity. Snowflake aims to minimize that burden by baking security and compliance capabilities directly into its platform, according to Jones.

“We take that out of the hands of the users or the responsibility of the users,” he said. “One of our main tenets is that it’s easy to use. We make all that hard stuff underneath transparent to use. You don’t have to deal with the nuances of AWS, [Google Cloud Platform] or Azure. It just works the same. Your control policies work uniformly across all of those underlying [communications service providers].”

This level of consistency helps organizations reduce risk, particularly in highly regulated environments. It also sets the stage for more trustworthy AI integration, supported by strict controls and visibility at every layer, according to Jones.

“I think security today is a data game,” he said. “You have to have all the data, and you have to quickly be able to look and analyze that data and find those anomalies. We use Snowflake, the platform, to protect our platform, our corporate environment. We use a lot of the AI technologies: Machine learning to look for anomalies [and] look for patterns; we’re all in on it and believe that’s the way forward.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the Snowflake Summit event:

(* Disclosure: TheCUBE is a paid media partner for Snowflake Summit. Neither Snowflake Inc., the primary sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE