The Economic Value of Data and How to Protect it

All the discussion and panic about cyber security can be overwhelming and shift focus away from the value of the data they are sitting on. “Data is the new oil” is often quoted to highlight just how central data has become in today’s global economy. It was always important, as no market based system could survive without information. However, information technology has developed at a pace far greater than other technologies. Given how central data is now to the world, it would not take long for economists to understand what the primary impact on data has been that may have shaken economics at its core. The main concept that has required a re-examination is the idea of marginal cost. Where data has close to zero marginal cost to reproduce. The economic value of data should be understood but what about how this economic value translates to financial value for your organization.

The Economic Value of Data and How to Protect it

Core Foundations: Data and Analytics

Consider for a moment how your organization treats data. Do you treat data like an asset? What about as a form of currency? Maybe data just passes through your organization, and you possess it temporarily? How we treat the commodity of data is increasingly becoming an important question, and will require the basics of data analysis, economics, and finance to understand how data is exchanged in today’s world.

Data

Did you know every two days we produce as much data as all of recorded human history. Which is truly amazing, but in the last few years we have had to take a closer lens to our relationship with data. In today’s world data has become quite possibly one of the most valuable commodities existing today. While there is a massive amount of data being generated everyday, its economic value is not diminished. Data may not be a physical asset but it plays a substantial role in the valuation of a company.

Analytics

Analytics is a systematic analysis of data which is often performed by a computer. With analytics public and internal data is mined and analyzed to generate operational and behavioral insights. These insights often are used to improved operational effectiveness, define competitive differentiation, and increase relevance in the marketplace. Analytics, not data alone, is the basis of business decisions that happen in today’s world. Analytics can be descriptive, diagnostic, predictive, or prescriptive. Often this is when data become knowledge. Most data and analytics only become an asset to a business when it produces something useful or of value. This often depends on context and stakeholders.

Data Economics

It is important to understand what value is exactly. Value is how useful something is to someone or an organization. Value will often be different person to person and business to business. In the context of data, the analytics and information produced only can be useful once it is actionable knowledge. Data being central to the world stage has had some serious impacts on business and everyday life. As mentioned above was the idea of marginal costs coupled with depreciation, when looking at data as an asset. Data has also been treated as a currency by people and organizations, which has impacted social relations to institutions. Lastly organizations have discovered that data itself may not be where the increased revenues really are, but in the analytics and insights that are generated from data.

The Asset of Data

Traditionally, assets held by a business or person, whether financial or physical, faced two limitations. These limitations were transactional, in that they could not be used at the same time by two people in the same way. The other was of depreciation, they lose value and quality overtime. Data is different though and very unique when acting as an asset. This is because data has near zero marginal costs. Meaning it costs a business or person nothing to copy a file or generate data directly. Additionally, data does not depreciate with usage. This has impacted business models over the last few decades with many services that previously were restricted by these hard limitations to now being able to thrive with near infinite reproduction and usage. The most striking example in this case is of Netflix and Blockbuster.

The Currency of Data

If you’re running a business online you may be familiar with some inbound marketing practices which include those forms that popup before you download an item. Data has become the price people pay to use services or access goods that they want. Google, Facebook, and many other services rely on the data generated from user activity to keep their services running. The data they accumulate and analyze can all be traded with other companies for more data or exchanged for the various fiat currencies we use today.

Identification and Prioritization

Understanding what you can do with data is important, but financial valuation requires some organization first. Your data classification should be adapted to your organizations material or process conditions, as well as the regulatory requirements you need to meet. The simplest classification method is based on how public or confidential the data is. This would look like:

  • Public Data: This includes anything that is intentionally available to the public. May include financial filings, press releases, marketing materials, and public databases.
  • Internal Data: Internal data includes anything proprietary including intellectual property. You would include most of your analytic analysis here that you may wish to sell later on. This can also include employment data, stakeholder information, and any trusted information from partners.
  • Confidential: Data that is classified as confidential will likely be determined by regulation but there may be other reasons you classify data as confidential. For example credit card data is required to be confidential under the Payment Card Industry (PCI) standard.
  • Regulation Required: This last classification is reserved for data that may be required to be kept or generated for a certain period of time. Data breaches at this level will likely cause your organization to suffer very serious fines.

Valuation

Once your data is organized and grouped you can then segment the data based on how you can use it in the marketplace and assign a financial value to the data. You would know what departments the data came from, so you can measure what the costs would be to operations to maintain it. The important part of valuation is to understand is how valuable is the data or the insights you possess to other businesses or people? One you identify that you will be able to determine a fair price to charge them for access. All while you maintain ownership of the data. Another cost to consider is the how much would a data breach cost the brand. Future client loss from a breach should be factored in as well. The most important part of valuation is measuring what the impact of fins will be as well.

Threats and Protection of Data

Now that you know the worth of your data, the most important part is to protect your fortune. The most significant threat to your data is not a technology flaw. But rather the very people you work or partner with. Your insiders, most notably the negligent ones, have the potential to cause sever damage to your business as it stands right now. While scheming hackers and malicious insiders do exist, most security solutions do a lot to prevent them. Negligent insiders however can cause damage just by being naive. This goes beyond the computer or mobile device and could be something as simple as speaking about confidential information in public or to a trusted friend.

Negligent insider threats though can be deterred by analytics, specifically user behavioral analytics (UBA). Currently UBA provides the strongest security return on investment, user education is a close runner up.

With the advancement of information technology, data has become the center of economy and very much is the new oil. However the unique economic characteristics of data, zero marginal costs and no depreciation, make data a game changer. As every organization produces data you will need to be sure to do your best to protect this data.

Joshua Morales

Joshua Morales

Joshua Morales is a San Juan based writer who enjoys producing cyber-security insights for business leaders around the globe.
He can also be found writing about sustainability, capital markets, and open-source software. Joshua can be contacted at joshua@teramind.co

You may also like...

1 Response

  1. October 9, 2017

    […] systems. Any employee, vendor, manager, strategic partner, or anyone really who has access to sensitive information in your organization may be considered an insider. The potential for an insider to make sensitive […]

Leave a Reply

Your email address will not be published. Required fields are marked *