Building Cyber Resilience: Why Agility in Data Governance is Key
A robust data governance framework can significantly enhance an organization’s cyber
security resilience in several ways. In many ways a successful data strategy requires a strong Data Governance framework to guide Data Management practices.
Implementing Data Governance that requires careful planning, stakeholder engagement, and a clear understanding of the organization’s data landscape and many organizations are moving towards managing their data keeping in mind the sensitivity around cybersecurity.
Effective cybersecurity and data governance require a proactive approach, balancing risk management, compliance, and resilience against evolving threats says Shaik J Ahmed , Head India Lenovo Security Solutions.
SecurityDive spoke to Shaik J Ahmed, to understand the current state data governance a cause for major data breaches and governance is in today’s digital landscape.
Shaikh J Ahmed has a proven track record in security leadership, takes care of Lenovo’s security solutions and services business across India.
His aim is to optimize customer satisfaction through comprehensive Cyber sales, services, advisory, consulting, and management engagements with clients at both enterprise and business unit levels.
Shaikh J Ahmed Cybersecurity leader and Indian Armed Forces Veteran with over 25 years of rich experience in defense and corporate sectors in Cyber Operations, Digital Security and Cyber Threat Management.
SecurityDive.in: One of the primary challenges is the complexity of modern data infrastructures. How do you see this and what do you suggest as a cyber-security leader?
Shaik J Ahmed: Adopting Hybrid & Multi-Cloud Strategies
Organizations should start by mapping workloads to the environments where they perform best—public cloud for scalability, private cloud for sensitive data, or on-prem for legacy systems. Tools like Kubernetes and Terraform help standardize deployments across providers, ensuring portability.
Prioritizing open-source technologies (e.g., PostgreSQL over proprietary databases) and designing cloud-agnostic architectures reduces vendor dependency.
Regularly auditing costs and performance across platforms also keeps flexibility intact. Think of it as a buffet: pick the best offerings from each provider without committing to a single menu.
SecurityDive.in: What steps should Org’s take in respect to sensitivity and importance of data?
Shaik J Ahmed: Implementing Edge Computing for Real-Time Data
Businesses should deploy edge nodes close to data sources (e.g., factories, retail stores) to process time-sensitive tasks locally—like analyzing CCTV feeds for security or monitoring machinery health. Start with pilot projects using lightweight frameworks (K3s, AWS Greengrass) to manage edge devices, then scale gradually.
Ensure edge systems sync seamlessly with central clouds, sending only aggregated insights upstream.
But watch out for challenges: patch management for thousands of devices and balancing edge autonomy with centralized governance. It’s like having mini-brains locally while keeping the “big brain” in the cloud.
SecurityDive.in: How do leaders ensure that data is managed and aligns with the organization’s goals and objectives?
Shaik J Ahmed: Serverless Benefits & Challenges
Serverless lets teams ship code faster by offloading infrastructure management—think auto-scaling APIs or processing uploads without provisioning servers. Cost efficiency (pay-per-use) and reduced operational toil are huge wins.
However, debugging distributed functions feels like solving a puzzle blindfolded, and cold starts can frustrate users during traffic spikes. Businesses are tackling this with better observability tools (Datadog, CloudWatch) and blending serverless with containers for stateful workloads. It’s a trade-off: agility now, optimization later.
SecurityDive.in: Implementing a Data Governance program in a large organization is a multifaceted process? Your take as a leader in the age of AI?
Shaik J Ahmed: Cybersecurity in Multi-Cloud Environments
With data scattered across clouds, security can’t be an afterthought. Unified policies (encryption, access controls) and tools like CSPM (Cloud Security Posture Management) are critical.
Zero-trust models shine here—authenticate every request, segment networks, and monitor cross-cloud traffic for anomalies.
As data grows, automate threat detection (SIEM tools) and train teams to spot misconfigurations. Imagine each cloud as a fortress; cybersecurity is the shared rulebook ensuring all gates stay locked, even as traffic surges.
SecurityDive.in: Despite the clear benefits of data governance in enhancing cyber security resilience, many organizations struggle to implement effective governance frameworks. What would you suggest.
Shaik J Ahmed: Preparing Teams for Cloud Evolution
Continuous learning is key. Invest in certifications (AWS, Azure, Kubernetes), but pair them with hands-on labs where teams test new services (e.g., serverless, AI/ML pipelines).
Encourage “innovation time” for experimenting with tools like Terraform or cross-cloud services (Anthos, Arc).
- Foster a culture where failure is part of learning—run post-mortems on sandbox projects. Cross-train teams so devs understand security, and ops grasp coding. Cloud fluency isn’t a skill; it’s a mindset of staying curious and adaptable.
Organization must create a plan for managing data depending on its value and the risks it carries, ensuring that data is handled properly says Shaikh J Ahmed as we conclude this interview.
(Editor: Gargi Chakraborty)
