Customer data is one of the most important assets of modern enterprises with companies gathering more data about their customers and users than ever before. Yet, maintaining the privacy and security of this sensitive data has unfortunately taken a backseat. Recent high profile breaches have brought to light how much of our information is being gathered and consumers and regulators are pushing for stricter guidelines on privacy. At ScaleVP, we have been following this shift in privacy concerns closely. In fact, our latest annual survey of C-level executives found that data privacy and lack of privacy controls are an increasingly pressing concern. We are seeing a perfect storm of changing consumer expectations, incessant large-scale security breaches, and new regulations that is dramatically altering the global privacy landscape. That brings us to BigID. BigID helps organizations understand the risks and potential exposure of that information through deep data science. Today, we are proud to announce our series B investment in BigID.
What is driving privacy concerns
In just the last few years, we’ve seen the fall-out from breaches across Cambridge Analytica, Yahoo (3 billion affected users), eBay (145 million affected users), Linkedin (117 million users), and Equifax (148 million affected users). With these breaches fresh on their minds, only 25% of Americans believed most companies handled their sensitive personal data reasonably per a recent PWC survey.
Furthermore, regulatory mandates from Europe’s General Data Protection Regulation (GDPR) has made it the responsibility of the data owners and processors (businesses) to identify and protect the personal data under their purview with fines up to 4% of global revenue for non-compliance. Similar laws are now being debated in Canada, Australia, China, Japan, and even on our own California ballot in November (the California Consumer Privacy Act of 2018). In light of this shifting landscape, companies are looking for solutions that will let them stay in the good graces of their customers, regulators, and changing norms. Enter BigID.
BigID built an enterprise privacy management platform for companies to understand their customer, partner, and employee data they collect and their data-related risks. BigID gives visibility into customer data, identifying where it is stored (e.g. in an email, in an excel file, in a database, in the CRM), who is accessing it, and the risk of storing personal information (PI) in a given location. The technology works by using artificial intelligence to search across multiple big data stores, map relationships across sources, and see how data flows across different geographies. We believe that effectively protecting customer data requires a data-driven solution, and the historical approach of quarterly department-level surveys simply asking employees where they are storing sensitive data won’t cut it. Especially in a world where companies are now obligated under GDPR to process “right to be forgotten” requests and notify subjects of breaches in less than 72 hours!
What further supported our theory was hearing from one of BigID’s customers describe how re-engineering their customer privacy efforts has become a major initiative for them. In an astute observation, this executive noted that working with BigID revealed that this effort would be even harder than he originally planned, as it would necessitate an organization-wide culture shift in how employees treat customers’ personal data. We are convinced BigID will drive this cultural transformation, and look forward to working alongside the founders, Dimitri and Nimrod, and their team to improve how companies are tracking and retaining their sensitive data.
Jeremy Kaufmann contributed to this article.