Cybersecurity , Data Governance

Data at the Heart of Digital Transformation: IATA's Story

Kim Macaulay, IATA, Shares the Company's Data Governance Strategy, Plans Ahead
Data at the Heart of Digital Transformation: IATA's Story
Kim Macaulay, chief information and data officer, International Air Transport Association

In an industry as dynamic and interconnected as aviation, data governance acts as a backbone of digital transformation and operational resilience. In an interview with Information Security Media Group, Kim Macaulay, chief information and data officer at International Air Transport Association, IATA, shares how the company's data governance strategy broke down silos, enhanced collaboration with airlines, and drove innovation in artificial intelligence and analytics.

See Also: The Forrester Wave™: Governance, Risk, And Compliance Platforms, Q4 2023

Edited excerpts follow:

At the heart of any business is a robust data strategy. What role does data governance play in the success or failure of business technology projects?

It's always good to know what the business goals are, from a strategic perspective, which informs the data that is needed to enable digital transformation. Data is at the heart of digital transformation. Business strategy comes first and then data strategy, followed by technology strategy.

At IATA, we formed the Data Steering Group and identified critical datasets across the organization. We then set up a data catalog and established a governance structure. This was followed by the launch of the Data Governance Committee and the role of a chief data officer. We're going to be implementing an automated data catalog and some automation tools around data quality.

Data governance has allowed us to break down data silos. It has also enabled us to establish IATA's industry data strategy. We treat data as an asset, and that data is not owned by any particular division but looked at holistically at the organizational level. And that has allowed us opportunities to do some exciting things in the AI and analytics space and even in the way we deal with our third-party data suppliers and member airlines.

We have also established data stewardship roles that help business teams understand the quality of the data. If the data quality is good, the analytics is good. Anytime we obtain data from our airlines, it has been given to us under the trust that they embed with us.

As chief data officer, what advice would you give enterprise IT leaders on implementing a data strategy?

You need to have a collaborative approach. Saying "this is what you're going to do, take it or leave it," is never going to work. There's no one size fits all. Each organization is different, and we were able to, through the data governance piece, bring in the data strategy. Each business team has its business strategy, but the data strategy to support all of it can be one if you ensure that you have engaged with all the teams and that you bring something that is representative of what they want to do. I'd also say that you shouldn't rush it. It has to be business-led, not IT-led, initially.

And when you see all of this come together, you realize you were part of something exceptional. Everybody knows about our IATA industry data strategy because it's out there. It's a testament to always having that collaborative mindset and not disregarding any business input.

Air transport is a critical infrastructure industry. Any disruption-based cyberattack or software supply chain failure can have a catastrophic impact. It can also impact the global supply chains. How do you think CIOs can prevent or minimize damage?

Only recently, we witnessed an outage that disrupted the whole world. I think it was the first time where a systematic failure - or something that's introduced into the network because of something that we didn't necessarily see - caused a disruption of this scale. For us, the communication component is key. We work closely with other CIOs as this allows us to be better equipped to manage massive global supply chain issues or any big global impacts. Even if it's a cyberattack, it is essential to communicate quickly and to make sure your customers are not kept in the dark.

Having the right skill set to be able to identify the issue quickly is also critical for us. So, if you've outsourced a lot of your IT and security capabilities, you're more exposed than you would be if you had some of those core activities in-house. We have invested heavily in upskilling our staff and making sure that we've got those resources. We've got robust incident management processes. I'm happy about the way we managed the crisis - we communicated quickly and let everybody, including our customers, know at every front, and collaborated with our technology partners.

We've got a lot of learning campaigns and policies to create a safe environment for our employees and keep the IT and security teams informed of the issue. This has also been a huge testament to making sure that the communication gap is closed. We're also a part of Aviation ISAC, which is a broader community of CISOs, because we do believe in sharing the information as an industry.

What are your key business technology goals for 2025?

We want to do more work in the AI and generative AI space. We will run AI use cases on a multi-cloud infrastructure and build large language models for our airlines. We want to increase co-creation with airlines in the data space, which is gaining momentum, while also expanding our efforts in sourcing key strategic IT capabilities. Enterprise architecture is also critical for us in the next couple of years. It moves so quickly that it is sometimes difficult to focus on the underlying, foundational items. Particularly after COVID-19, we had to adapt and adjust quickly. We are also looking at working on some of our key platforms around innovation and digital transformation, and we want to be at the forefront of this dynamic evolution.

We are undergoing key initiatives around modern airline retailing, which is a critical digital transformation program with the industry and the airlines. Everything that we do around data is at the forefront of protecting aviation data, and we make sure that airlines have access to their data for analytical purposes and things that they're generating when it comes to AI.

On the sustainability front, we are working on initiatives such as Fly Net Zero and CO2 Connect. Understanding that technology is at the heart of sustainability, we are seeking solutions with our partners on cloud processing and big data centers.

At IATA, Macaulay brings together the key areas of data, technology and cybersecurity to achieve digital transformation. She is currently working with the commercial products and services team to launch the first-ever IATA World Data Symposium in Dublin. Prior to IATA, she held senior leadership roles in the banking sector.


About the Author

Rahul Neel Mani

Rahul Neel Mani

Founding Director of Grey Head Media and Vice President of Community Engagement and Editorial, ISMG

Neel Mani is responsible for building and nurturing communities in both technology and security domains for various ISMG brands. He has more than 25 years of experience in B2B technology and telecom journalism and has worked in various leadership editorial roles in the past, including incubating and successfully running Grey Head Media for 11 years. Prior to starting Grey Head Media, he worked with 9.9 Media, IDG India and Indian Express.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing cio.inc, you agree to our use of cookies.