In an era where data is frequently termed the “new oil,” a critical question remains largely unanswered: who truly owns the drill, and more importantly, who owns the oil once it leaves the ground? On May 15, 2026, a high-impact virtual session titled “Is Your Data Really Yours: Ownership in the Digital Age” brought together a panel of global cybersecurity luminaries to dismantle the “consent illusion” and redefine the landscape of data stewardship.

The virtual session explored the uncomfortable truth that while users may generate data, they often lose control of it the moment it enters the complex enterprise ecosystem. As organizations rush to deploy Generative AI (GenAI) at breakneck speeds, the panel argued that the industry is facing a crisis of accountability that transcends traditional technical boundaries.

The Distinguished Panel

The dialogue featured four sharp minds, each bringing a unique perspective from the front lines of global cybersecurity and technology architecture:

• Dr. Lopa Mudraa Basuu: A recognized visionary leader and former VP at JPMorgan Chase.
• Harpreet Singh: A Managing Director with 25+ years of expertise in architecting technology solutions.
• Sanjeev Ojha: Practice Director and a leading expert in Identity and Access Management (IAM) and Zero Trust.
• Tausif Kazi: A Principal Analytics Consultant and platform

The “Consent Illusion” and the Transparency Gap

The session opened with a sobering look at current statistics. Host highlighted that 4 out of 5 global internet users feel they have lost all control over their personal information. This “consent illusion” is fueled by lengthy, incomprehensible terms of service that users click through out of necessity, not understanding that their data is being replicated across analytics engines, third-party platforms, and cross-border infrastructures.

Dr. Lopa Mudraa Basuu argued that the digital economy is predominantly engineered around “data leverage,” where the user is often the product rather than the customer. She noted that once data enters a corporate ecosystem, ownership becomes “largely theoretical” because the visibility for the user is almost non-existent.

Identity—The New (and Only) Perimeter

Sanjeev Ojha provided a deep dive into the shifting architecture of the enterprise. In a world of cloud-native and AI-driven environments, the traditional “castle and moat” security model is obsolete. Identity is no longer just a control layer; it is the foundation of security itself.

A particularly pressing concern raised by Ojha is the rise of “Agentic AI”—autonomous systems that can elevate their own permissions or access data without direct human awareness. He warned that many organizations are currently “not yet ready” for this shift. To combat this, he proposed a robust lifecycle management approach:

1. Discovery: Identifying all identities (human and non-human) in the system.
2. Governance: Assigning a “human in the loop” to manage the lifecycle of these autonomous agents.
3. Guardrails: Implementing centralized systems like Identity Threat Detection and Response (ITDR) to take feeds from endpoints, XDR, and SIEM servers.

Architecting for Resilience, Not Just Compliance

Harpreet Singh challenged the audience to rethink the “Mahakum style” of operations—large-scale, high-velocity systems where security is often an afterthought. He emphasized that security should not be a “review gate” that slows down innovation but a “product requirement” integrated from the start.

One of the most effective tools in this arsenal is Multi-Factor Authentication (MFA) and Role-Based Access Control (RBAC). Singh broke down the three pillars of MFA:

• Knowledge: Something you know (e.g., a password).
• Possession: Something you have (e.g., a hardware token or phone).
• Inherence: Something you are (e.g., biometrics).

However, the panel agreed that technical controls are insufficient if the architecture doesn’t allow for visibility into traffic and proactive threat prevention.

The Leadership Crisis and the $50 Billion Risk

Perhaps the most provocative segment of the session involved the role of leadership in the age of AI. Dr. Basuu noted that she is less worried about “insecure technology” and more worried about leadership teams deploying AI at a velocity that exceeds their governance maturity.

The financial stakes are astronomical. Sharma cited numbers from IBM Security and legal analysts suggesting that more than $50 billion in cumulative data is currently under “extraction risk” due to active copyrights and privacy lawsuits related to AI training. Despite this, 83% of organizations reportedly have no technical controls to prevent employees from uploading confidential data into public AI tools.

The “Employee as the Weakest Link” Myth

Dr. Basuu offered a strong critique of the common cybersecurity trope that “employees are the weakest link.” She argued that if an employee is the weakest link, it is actually a failure of organizational governance and security deployment.

“Employee needs to be the strongest link of your security,” she stated. This requires unlearning old processes and moving toward a culture where security is part of every role’s responsibility—from the junior scientist to the payroll consolidator. Training must move away from “once a year” compliance checks to a daily “injection” of security awareness.

Conclusion: From “Everyone’s Responsibility” to “My Responsibility”

The session concluded with a powerful call to action. Vijay Pukale (Varij) summarized the shift needed in corporate culture: “Let’s break the myth that security is everyone’s responsibility. From now, we can say that security is my responsibility“.

The consensus among the speakers was clear: reclaiming data ownership in the digital age requires a three-pronged approach:

1. Ethical Stewardship: Organizations must treat user data with the same dignity and protection they would their own proprietary secrets.
2. Technological Guardrails: Implementing Zero Trust and advanced IAM to govern the “wild west” of agentic AI.
3. Leadership Accountability: Slowing down AI deployment enough to ensure that ethical and legal governance can keep pace with innovation.

As the “picture perfect panel” concluded, the sentiment was that while one hour was not enough to solve the crisis of digital ownership, it provided the necessary blueprint for a more secure, accountable future.

Data Trust Quotients (DTQ) is a strategic ecosystem architect that aims to bridge gaps between industry, startups, and investors. DTQ blends data privacy, governance, and cutting-edge AI to accelerate transformative breakthroughs in different domains.