For communications service providers (CSPs), in common with all other organisations, the data they collect about their customers, their habits and preferences is a hugely valuable resource which can be monetised and used to enhance business performance. However, the flipside is that the data, if its security is breached presents a substantial business risk. In this four-part series of articles, Laurence Pitt, the director of security strategy for EMEA at Juniper Networks, assesses where the balance lies.
Commerce is built on the concept of the value chain. The notion that you can take something of relatively little worth and, through various processes, increase its value is fundamental to a sustainable global economy. And, in the early part of the 21st century, it is data that gives rise to perhaps the most significant contemporary value chain of all.
Now, I am not saying that data is new. After all, the Babylonians conducted the first known census nearly 6,000 years ago. So, what makes the data we collect today more attractive? I contend there are four key factors that come into play nowadays:
- The sheer volume of data that is collected
- The frequency at which data is collected
- The accessibility of the data
- The ability to process the data
Today, anything can be a device, or a thing – a car, a phone, a fish tank – and they all collect data. As the Internet of Things (IoT) proliferates, so will the data that is collected. And because these devices are connected there is a constant stream of data, be it about your location, your browsing habits, or what you spend your money on. But just because data can be collected does not, in itself, make that data more valuable.
While it’s true to say that data volumes are increasing exponentially, as already mentioned we should not lose sight of the fact that data has always been collected. However, much of that data was inaccessible – paper documents stored in warehouses or magnetic tapes stored in libraries. Today, data is electronic, accessible from anywhere, and is shared and traded amongst organizations instantaneously. The final link in this value chain is our ability to process this data. In other words, we refine what is basically a raw material into something that yields intelligence, insight and, ultimately, wisdom. This is the data value chain and organisations that understand it’s significance can prosper. And this is why it is also of interest to hackers.
So now we have the raw ingredients, what does the data value chain look like? Think of the raw data as a collection of unassociated facts, log files, and records. It sits at the bottom of the pyramid and, like crude oil, needs refining to deliver value. The next stage is to bring together relevant data elements. For instance, it could be associating a bank account number with a name and a series of purchase records. This gives us information, something more meaningful that we can work with and, of course, something more valuable. But the story does not end there. The information stage is predominantly reactive, it allows you to piece together what has happened but not necessarily why.
The next stage is knowledge. By interpreting information, we can begin to understand why events happen; Joe is related to Josephine, it’s Josephine’s birthday so Joe goes shopping for a gift. This allows us to predict. For instance, in the example I’ve just used, it’s likely that Joe will go shopping around the same time each year to buy a gift for Josephine. Finally, we have wisdom. At this stage, we can use knowledge to make decisions and determine actions; understanding what is happening and why it is happening enables us to be proactive.
- Data can be assimilated more quickly than ever before from multiple, diverse sources and locations
- The value of data grows as it ascends the Data Pyramid and acquires knowledge and wisdom
- As the value of data increases to your organization, it also becomes more attractive to the cyber-criminal