In the infancy of any technology, there are going to be teachable moments. Prehistoric man\u2019s mastery of fire didn\u2019t come without a few scorched fingers and the occasional multi-acre conflagration. As a species, our taming of fire and combustion enabled innovations in everything from cooking to metallurgy to transportation, to an array of other endeavors. Those innovations, however, required a continuous process for humans to learn and establish capabilities to control fire, to use it appropriately, and to make it work for humanity\u2019s benefit.What the discovery of fire meant to ancient humankind, the internet is to our modern world: a reshaping force that has reconfigured the ways in which we interact and innovate. And\u2014like our forebearers\u2014we are still singeing our hands a bit as we learn to operate appropriately in our evolving digital society. No matter whether we are enterprises or individuals, we must continue to develop and mature our capabilities to embrace and cope with new technologies and the resulting data that offer so much positive potential.Data is not the new \u201coil\u201d anymore. Data is the new \u201cair.\u201d It has become more than economic fuel; it is a catalyst of innovation, of disruption, and of possibilities. However, it\u2019s never a guarantee that all innovations, disruptions and possibilities will be positive ones. Creating fire was one of early humanity\u2019s greatest accomplishments. It also made arson possible. We still need to learn how to harness data and the internet for positive benefit\u2014as well as to manage and mitigate its risks. In the data we generate, just as there is great value, there also is great risk. We need to understand both and plot our digital pathways accordingly.Zuckerberg\u2019s testimony spotlights the need for national\u00a0\u2014\u00a0and even global\u00a0\u2014\u00a0discussionFacebook CEO Mark Zuckerberg\u2019s moments on Capitol Hill last month made our need to digitally evolve even more stark. His testimony made the spotlight already focused on data and privacy even brighter. If nothing else was accomplished by his interactions with Congress, he has surfaced important and thought-provoking issues worthy of continued discussion\u2014discussion that needs the active participation of policymakers, regulators, industry executives, academic leaders and individual citizens concerned about the use of their personal data.Zuckerberg\u2019s appearance in Washington, DC came in the aftermath of a data scandal involving a UK-based political data firm that improperly accessed data of millions of Facebook users. Pointing a finger at Facebook and asking, \u201cHow did this happen?\u201d may feel cathartic, but it misses the larger point. This happened because the digital world in which we are now living continues to evolve faster than we have developed internationally accepted standards. This happened because, absent of such standards, evolution within the global regulatory and public policy realm has been unable to keep pace with the rapid advancement of technology.\u00a0Admission, responsibility and a promise for the futureDuring his testimony, Zuckerberg admitted mistakes, accepted responsibility, and promised to do better\u2014and then was grilled about many of those mistakes and the path forward. While Facebook has pledged expanded efforts to protect its users\u2019 data, including giving users a better understanding of which apps can access their data and providing developers less access to data without users\u2019 expressed consent, the revised approach going forward should not be Facebook\u2019s responsibility alone. We, as individuals, have to accept some responsibility, too. In an odd sort of way, people have become data-driven companies in their own right. We must be proactive in the protection of our personal information, profiles, data and privacy rights.The urgent need for sound data protection has reached new heights globally thanks to the arrival of the long-anticipated General Data Protection Regulation (GDPR), which is now in effect. ISACA research conducted in the weeks leading up to the deadline shows that prioritizing GDPR compliance among other business priorities is among the leading challenges that organizations face. While balancing enterprise priorities amid a disruptive and fast-evolving technology landscape is no easy task, protecting customers\u2019 personal information \u2014 whether mandated by GDPR or otherwise \u2014 must be a priority, and therefore not relegated to being treated as a secondary consideration.Treating data with the right policies and regulations that benefit us allData is the new air, and leveraging its positive potential is essential to catalyze innovation, progress, and\u00a0to create new value. To inspire assurance and confidence that the appropriate data protection efforts are in place, implementation of more rigorous and robust information\/data governance is not an option; it has become a must. We may also need consensus-based standards to shape the right governance environment, ultimately making it easier to comply with any new policies and regulations that will come forward in the future. Without these conditions in place and lacking a collective commitment to collaboration, breathing this new air will become far more difficult.