VC Breakfast Club Talk Series – The Big Data Discussion

VC Breakfast Club: Expert Panel on Data Management

iAngels Founding Partner, Mor Assia, led our recent VC Breakfast Club discussion with three founders, from the Enterprise Software world, specialists in data management.

Data has received significant attention, this year with the introduction of GDPR. A major regulatory step for Europe, who’s aim is not to simply harmonize data protection and privacy laws, but allow individuals to regain control over their personal data. We’re now seeing businesses being forced to change the nature of their relationship with customers, some reinvent themselves due to potential loss of revenues originating from data monetization and several receiving large fines for privacy violations, Google and Facebook as significant culprits. It’s a space which will continue to hold significant interest for us, as the amount of data being created and used will continue to explode across every sector.

So far we see Israeli startups taking a leading role in responding to this new data reality and have three very talented data management founders in our portfolio including: Nimrod Luria, CEO of Prifender, Ammon Drori, CEO of Octapai and Yariv Tabac from DBmaestro, who have an impressive 69 years of accumulative industry experience.

We asked them to talk about some of the themes and challenges they’re seeing subsequent to the GDPR rulings. Here are a few of the highlights:

Nimrod Luria, CEO of Prifender, emphasized the massive change taking place in the market that isn’t purely being driven due to the GDPR rulings, but is being fueled due to the simple acknowledgement of data’s value. “There is a big change in the market, not just due to GDPR and the fines we’re all scared of, but the realization that data is the new currency, that mining and trading our data is the new gold.” 

Nimrod went onto explain that once companies manage to effectively answer the question of where their data sits and who owns it, the possibilities generated, become endless. But the enabler is really the integration of software that effectively joins up the dots. “What’s most exciting is new revenue streams are being created and organizations are now able to better prioritize business interests thanks to qualified decision-making.”

Ammon Drori, CEO of Octapai spoke of the need for businesses to not overlook the importance of having well mapped out data to ensure the data journey from source to business user is smooth and accurate. ‘Those responsible for Business Intelligence play an important role in moving the data from applications to business users with specific relevancy to GDPR, they are exclusively responsible for the last mile, knowing where the data is and how it flows. They have an important role in correctly mapping data journeys and ensuring total compliance with the GDPR ruling.”

But he went onto elaborate that conducting the mapping exercise, doesn’t come without its pains, especially due to such issues as inconsistent tagging of information and incompatible systems. Depending on the size of an organization, there can be between 6.7M to 30M data elements on average, therefore pinpointing specific data elements amongst tens of Business Intelligence systems is near to impossible. ‘The management of the data is almost as crucial as the data itself.”

Yaariv Tabac, Founder of DBmaestro, spoke of the industry’s desire to work ever faster, which often compromises the quality of output. Something DBmaestro are actively tackling to ensure the automation of data and governance is safe, secure and accounted for. In responding to Mor’s suggestion that corporations with cumbersome legacy systems could create significant issues for simple data migration projects or upgrades, Yaariv cited the example of working with a recent client who used to ship a new release every 5 to 6 months. “Their release would take 3 to 4 days to check and move all the data.” He explained that DBmaestro, were able to get the time required down to 46 minutes from development to production thanks to automating the process, subsequently giving them with the appetite to ship releases monthly. He commented that this now marks a huge transformation in the way companies are now able to operate.

To be the first to hear about upcoming VC Breakfast Clubs and other upcoming events globally, sign-up to our newsletter here 

Founder Interview: Dr Sagi Lazarov & Nimrod Luria from Prifender

We’re just a month away from seeing the General Data Protection Regulation (GDPR) introduced across Europe which will replace the old Data Protection Directives that were drawn up in the 1990s. A lot has changed in two decades. Vast swathes of personal data are now generated daily and the upgrade in data protection laws for citizens living in a democracy is well overdue.

With the new regulations coming into play on 25th May, we decided to interview the founders of Prifender, (an iAngels portfolio company) Dr Sagi Leizerov and Nimrod Luria, who have developed an AI driven automation system for managing data privacy. Read on to discover what they believe these changes mean.   

 Firstly, can you tell us what the GDPR is and why we need it?

The GDPR is being introduced as a means of strengthening data privacy for Europeans by replacing the old Data Protection Directives. The GDPR website  describes the new directive as being designed to “harmonize data privacy laws across Europe and to protect and empower all EU citizens’ data privacy”.

There’s been 4 years of preparation and debate since the GDPR was approved by the EU Parliament back in April 2016. Companies have been given 2 years in which to comply, with those who don’t comply at risk of facing significant fines.

The GDPR is expected to have significant impact on data governance and management and will impact enterprise software companies across the board.

With the GDPR enforcement date fast approaching, what is the level of enterprise readiness to comply?

Both Forrester and the International Association of Privacy Professionals have studied the question of GDPR compliance and found that many companies (the majority in the case of the IAPP study) will not be able to fully comply by its due date. According to the IAPP, only 4 in 10 companies will be ready by the compliance date. Forrester, which arrived at similar numbers, has even said that many companies are most likely overstating their readiness for GDPR.

Even those companies taking active steps to improve their preparedness for the regulation are facing significant challenges when it comes to the effectiveness of their compliance.  Traditional means for privacy compliance tend to emphasize policies, contracts and training (sometimes referred to as “paper compliance”) rather than controls and control-monitoring.  Without automated controls over the impacted data, it’s almost impossible to really know whether day to day activities are meeting what the policies and contracts are stating. 

What do you think would be the implication for non-compliance and which enterprises would be impacted the most?

To best understand the impact of non-compliance we need to keep in mind that the GDPR includes, for the first-time in the EU, broad breach notification requirements. This means that when companies will experience a security incident (i.e., an inappropriate access or disclosure of personal information), they will have to reach out to both their privacy regulators and the impacted individual to reveal the breach.  These notifications will lead to an audit of the company’s level of preparedness, and any identified gaps in their GDPR compliance will be viewed in the context of the breach.  In other words, compliance violations will be assessed based on the severity of the data breach. Consequences could mean reputational damage for organizations, fines or indirect costs such as increased audit requirements and challenges in signing up new customers as well as others. 

As this regulation concerns the personal information of European residents, will its impact be limited to European organizations?

It’s foreseen that the GDPR will have a global impact, mainly for two reasons: Firstly, it will apply to any organization that uses the personal information of EU residents, even if that organization is not based or is not operating in the EU.

Secondly, it will also apply to EU organizations that operate outside of the EU i.e., it will apply to non-EU residents that transact with an EU entity.

Beyond these two reasons, many international organizations will find it easy to adopt one set of requirements across their entire enterprise, rather than creating a patchwork of requirements for each operating entity in different countries. For this reason, we’re likely to see more organizations adopting global privacy standards that follow the GDPR’s high bar.

How do you expect this market to develop and how big do you feel the opportunity is?

The question should instead be, what we describe as being the market? While the market for GDPR related solutions is large and is likely to continue to grow over the coming years, there is an even larger and more promising market developing which is the opportunity generated by monetizing and profiting from personal information at scale. Personal data is a valuable asset that can generate significant revenue through the analysis, sharing, sale and its connectivity to different sources.

At a time when privacy regulations are tightening up and more people are increasingly becoming aware of the importance of data privacy, monetizing personal data is a challenge leading many organization to either avoid monetizing it completely, doing something small scale or worse, hiding the fact they’re monetizing data. With sophisticated technologies for tracking personal data coming into the market, a highly lucrative (and compliant) market is steadily opening up to organizations from a wide span of different industry sectors. For this market, the size of the opportunity is tremendous.

Can you tell us a little about the response and traction Prifender is getting so far?

Prifender represents a real paradigm shift in how organizations can manage personal information.  The technology is not an incremental step forward, it is a leap forward. The two reactions we’re currently receiving, when we show the technology to privacy professionals for the first time is that “its magic!”  and second comes, “I need it.”  Suffice to say that we’re getting very positive reactions and interest in Prifender as we continue to grow.

Read more about Prifender here.