Corporate mind share has, in the past, focused primarily on the environmental aspect of ESG.

It’s easy to see why, when we think of “progress” in a business sense, we think about energy and the environmental impact of using it to fuel commerce. Because of this, traditional fossil fuel reliant businesses and the manufacturing sector are problematic for investors. They have been for a while now.

For decades, the effect of these industries could be smothered in rhetoric and convoluted “science” from questionable sources in an attempt to throw investors off the scent. These days, the impact is obvious and somewhat televised. Coupled with the systematic decloaking of investment groups, “peering under the hood” at where they place their chips is at an all-time high.  

Let’s face it, the next decade will usher in some of the strictest governmental policies ever witnessed concerning the environmental impact of doing business.  

As the oil industry fades into history, investors and governments will seek to address the next big problem with doing business, data.

Where does this leave data governance?  

As we all know, ESG stands for Environment, Social and corporate Governance. While energy and diversity targets get all the headlines, corporate governance and particularly data governance seem to have been swept into a dank corner. Organizations mostly treat cybersecurity like a problem that will just go away if they don’t look at it.  

Who can blame them?

Most of the data governance industry doesn’t truly understand how their particular doohickey is going to revolutionize the business world; much less sell people on the solution.

It goes back to that old 1980’s corporate wall poster, “All Problems Are Communication Problems.”

Of course, the elephant in the room is that most ESG rating providers actually favor tech-based businesses over oil and natural gas companies… for now, further skewing the picture. ESG, of course, is a constantly developing animal. In 10 years time, it will be unrecognizable and most likely all encompassing.

The minor inconvenience of today will be the legal requirement of tomorrow. Just look at the history of increasing legislation throughout the ages.  

In fact, the deregulation of industries is so unusual, it makes news headlines.  

As we all know, sweeping dust into the corner doesn’t make it vanish. At some point, somebody somewhere is going to kick it and cause a heck of a problem to clean up.  

In short, data governance will be as top-of-mind to governments and industry regulators as oil spills are today. Right now, the tech industry and really, any industry that relies on technology is getting a free pass because investors love tech. Profits are high, employment is at capacity and let’s be honest, investors can monitor their portfolio with a laptop and a Zoom account.  

Who needs to fly out and see the latest oil rig in the Gulf of Mexico when you can join your stakeholders in a virtual boardroom wearing slippers? If we dare to peek under the hood at the S&P 500, businesses that use mountains of data are clearly carrying the stock market.

Everyone else is just a passenger, and here’s the problem… the bubble will burst.

Someday soon, data governance will be spoken about in clear and uncertain terms from the White House, no matter who the President is. It’s a matter of time until cybersecurity is front and center in every boardroom on the planet. Two decades ago, corporate governance was about cleaning up oil spills, today it’s about cleaning up data spills. In a galaxy not too far away, every single time data is breached, lost, misused or stolen, folks with Data Governance Investigator printed on their back will pay you a visit.  

Offices will be turned upside down and staff sent home, trading will cease until a full investigation is conducted and the fines will be huge.  

How do we know this?  

Because history, that’s how.  

The energy sector, the finance sector, big pharma, even Mr Zuckerberg himself, have all found themselves sitting before a committee answering awkward questions.  

This data revolution is nothing short of a miracle, but with it comes security concerns. Considering the volume of mission critical and even personal data the average business has on tap, any organization in this brave new world of data abundance, without an obvious strategy, is on very rocky shores.  

Primarily, businesses must ensure the security of customer data, but employees are people too, with rights. Again, this isn’t about organizing your affairs and patting yourself on the back. In the not-too-distant future, people with name tags and file boxes will burst through doors… guaranteed.

Stakeholders and industry leaders then, are encouraged to become more transparent with their data governance strategy. Data governance is about to drop into the boardroom like The Beatles did in New York back in 1964.  

Minus the screaming (hopefully).  

Just this week, Australian telecoms giant Optus suffered a catastrophic breach that included private details of 11.2 million customers. Details like driver’s license, addresses and passports are being held to ransom as we speak. Customer verification details were kept on file for around 6 years by Optus and some light-fingered ne'er-do-wells gained access to them.  

According to Australian federal police, anyone found purchasing stolen credentials will be arrested and could face up to 10 years in prison, that’s fine; what about the customers?  

Customers are asking why Optus themselves aren’t being found liable for the breech. One customer, Dannielle Miller, said, “The CEO referred to Optus as a victim of cyber-hacking. They’re not the ones who have had their personal details hacked - the customers are the victims.”  

Many customers have taken to social media to vent and announce that they will switch mobile phone providers. In 2020, Optus objected to potential changes in Australian federal law that would allow customers to erase their own data and give them rights to take legal action against data breaches.  

Quelle surprise.

Companies are on borrowed time; they can’t lobby the government in perpetuity. Eventually, the government will understand the implications of these data breaches the way ESG conscious investors do. The safety net for many of these organizations is market share, the larger businesses rely on legacy and brand.

But for how long?  

The clock is ticking.  

It’s a matter of time until a data breach or poor data governance is prosecuted with the gravity and severity of Deepwater Horizon.

Our digital footprints are walking us closer to tighter and tighter data regulation, one step at a time. The next big data breach might cause a big enough stir that 11.2 million customers are awarded compensation.

Imagine that eye watering number etched onto a balance sheet.