As data ecosystems grow in complexity, so do the risks lurking beneath the surface. Shadow data—unclassified, untracked, and often stored in unauthorized locations—presents a critical blind spot for Data Risk Management professionals.
When combined with insider threats, both intentional and accidental, this hidden data becomes a major vulnerability that traditional controls often miss.
In this session, we’ll explore how to uncover shadow data across your organization, assess insider risk exposure, and implement governance frameworks that bring visibility and control to your data landscape.
You’ll walk away with actionable strategies to reduce risk, improve compliance readiness, and ensure your data risk posture is truly comprehensive.
What You’ll Learn:
- Common sources and types of shadow data—and why they go unnoticed
- The growing impact of insider threats on data risk and compliance
- Best practices for identifying, classifying, and governing shadow data
- How to integrate shadow data discovery into your existing risk frameworks
- Tools and techniques to enhance visibility and accountability across data assets
Governance and Privacy Professional
Priya is an accomplished professional with over a decade of experience in Data Privacy, Information Security, and Compliance. She currently works with a global investment bank in the Data Governance and Management office. In her leadership role, Priya drives initiatives aligning data governance, privacy, and security services with international standards, impacting sectors including Big 4 firms and diverse service and product-based organizations.
Known for her uplifting energy and commitment to excellence, she has fostered strong security and privacy cultures through extensive training initiatives. Priya also contributes to the global industry expansion while ensuring regulatory compliance.
She holds a Master of Science in Cyber Law and Information Security from the National Law Institute University, an engineering degree in Information Technology, a Data Privacy and Technologies certificate from Harvard Business University, and a CIPM certification from IAPP. Recognized as a Top Data Privacy and Governance Voice on LinkedIn, Priya remains committed to professional growth, actively participating in IAPP conferences, roundtables, and industry summits.
Senior Solutions Architect
Joseph is an experienced Consultant and Business Development professional, driven to empower clients to realize, meet, and exceed their Data Privacy needs.
He is an IAPP Fellow of Information Privacy, holds a degree in Mechanical Engineering, and has a strong background in data analysis. Joseph is a mature and enthusiastic professional with excellent interpersonal, analytical, communication, and problem-solving skills.
As part of his continuing professional development, he has written and published a book on the IAPP Privacy Technologist certification (CIPT), which has sold over 600 copies worldwide.
He thrives on the fast pace, challenges, and team-centric nature of working in business development.
Legal and Policy Professional
Adv. Abhishek Singh is a distinguished legal and policy professional working as an Associate at Lakshikumaran & Sridharan Attorneys (LKS) TMT and Data Protection team. An alumnus of the 2017-2022 batch, he was a founding executive member of the ‘Centre of Excellence for Cyber Law’ at his alma mater Vivekananda Institute of Professional Studies, IP University. Certified as a Data Security Council of India Privacy Professional, he excels in data protection, privacy and AI frameworks.
Adv. Singh has contributed significantly to policy paradigm with three report publications on the United Nations website representing India in regard to human rights initiatives. He has worked with CyberPeace Foundation as a Research Associate and Policy Team Lead, focusing on numerous techno-legal and policy based projects and campaigns with ministries and govt institutions including MoD, MHA, NCPCR, NCB, NCRB, and MeitY. He has also led and provided inputs in public consultations for the Digital Personal Data Protection Act (DPDPA), 2023 and other cyber laws and policies such as the IT Rules, 2021. He is also an awardee of the Chief of Army Staff Commendation Card in 2024 for his professional contributions towards the Indian Army.
Currently, he assists a diverse global clientele on compliance, advisory, regulatory and policy related matters concerning data protection and other prevalent cyber laws at LKS.
Data Privacy Lead
Liza is a Computer Science Engineer turned privacy professional who helps organizations achieve privacy compliance. She has played key roles in process compliance, business continuity management, facilitating ISO 27001 and 45001 audits, and managing Training and Development functions for high-value business units.
Legal and Data Privacy Professional
Sameeksha Sharma is a CIPP/E-certified privacy professional who manages the data-privacy programme at Mahindra Home Finance in Mumbai. In this role she designs and runs end-to-end privacy controls—gap assessments, DPIAs, consent and third-party reviews—for more than 35 million customer records, translating India’s DPDP Act and RBI guidance into day-to-day practice.
Earlier, as Assistant Manager – Privacy & Compliance at Yotta Data Services, Sameeksha steered ISO 27701 surveillance audits, built contract-management playbooks and mapped shadow-data flows across hyperscale data-centre operations.
A BBA-LLB (Hons.) graduate from NMIMS School of Law with additional diplomas in cyber and technology law. When off duty, you’ll find her composing sitar riffs that, in her words, “often inspire the next control framework.