Wilbertus Darmadi is CIO at Toyota Astra Motor, Indonesia. He has over 26 years of experience as an IT professional, particularly in the automotive industry. Having a vast background in IT, he gained hands-on experience in several IT technical skills as an engineer before being promoted to CIO. In his current role, he works with multinational stakeholders, team and partners to help his company improve its business performance using the latest technologies such as IoT, the use of “smart data”, cybersecurity, etc He is actively involved in the Indonesian CIO community.

In an exclusive interaction with us, Wilbertus sheds light on data management strategies for businesses in 2022 and best practices for organizations when it comes to data security.

The way organizations use the value of data to generate insights and analytics, while predicting accurate market behaviors and outcomes, enables a more efficient and goal-oriented business environment. What are some of the most important data-driven strategies organizations need to implement in order to further enable this?

Starting with the basics, there are two things: first, what do we actually use the data for. In my opinion, data actually helps the company beat the competition. It is important that management or the board of directors is aware of this, because the commitment, participation, encouragement of management is important to ensure that data is applied in each company.

The second element concerns the use of data. In my experience, for example, even if the IT department or the CIO has already put in place all the infrastructure related to the use of data, such as a data warehouse and end-user data tools, we find that data usage is always low unless approved by senior management. A very small example would be top management asking every member of a meeting to speak based on data, not assumptions. It’s small, but it will help achieve the goal of becoming a data-driven organization and accelerate the use of data. So infrastructure readiness is on one side, but utilization is another. And I think utilization always becomes a challenge in every company because few companies are able to use data in an optimal way.

Good data will drive innovation. How does Toyota seek to harness data for innovation?

Again, going back to basics, it starts with data cleansing when we talk about data infrastructure readiness and usage. I have often heard that data cleaning is a challenge every year and becomes a never-ending task in organizations. It is a challenge because it prevents the organization from moving forward to use the data and use it for innovation. Therefore, organizations need to start with the very basics of data cleansing.

In my opinion, don’t put unnecessary data in your data warehouse. You don’t need to clean if you put clean data in your warehouse. So start at the beginning – the front-end from which the data is entered; where do you actually get the data from; what application do you use to enter the data? Use upstream validations and filters to ensure that only clean data enters the system.

Once you get the clean data, the next step is data analysis – what kind of innovation do you want to do with the data? How do you want to use the data? In this sense, when we talk about the use of data, we must understand if this data can be used directly by the professional user. Not all business users need to consult with IT every time they need to create a dashboard or download data. So unless you empower your business user to perform self-service analytics, you will not become a data-driven organization. It’s about giving them the right, simple tools to perform self-service analytics. I believe that then many ideas, many innovations will come from the business user himself.

With increasing digitization, the boundaries between applications and infra blurring, the importance of data security and privacy has become a top priority for organizations. What are some of the best practices you recommend for it?

When it comes to data security, to plug data leaks in the system, we must first understand the flow of data in the system – where is the input, what applications are used to enter the data, who is actor or person entering the data, how the data flows through the data warehouse, who can actually use the data, in addition to the data entry person, and what surrounding applications are leveraging or use the data. So you need to have the full data flow to identify the points from which data leakage is possible, and then think about how to apply data protection at those points.

In this direction, the first basic point is access to data – who can access what? After that, in every data transmission through the networks, we must ensure a secure framework. You can use data encryption or data tokenization so that when you transmit the data, it is not bare data.

The next step is to monitor where you keep the data or your databases – how do you protect the data, who can access all the data. In short, all data should be encrypted.

What will be your top tips for CIOs and CISOs for smarter use of data in 2022 and beyond?

When it comes to making smarter use of data, CIOs and CISOs need to collaborate. Because their main purpose is different. For CISOs, it’s security and Zero Trust. For CIOS, the objective is different: to what extent can it use the data for the benefit of the company. So while one is trying to accelerate, the other is trying to apply as much brakes. So they have to work together to find the right balance or, as they say, take calculated risks based on benefits and risks. And sometimes we have to take a risk, but it has to be a calculated risk. So the key here is to take calculated risks as organizations accelerate the use of data.