- Advertisement -

HOME NEWS INSIGHTS RESOURCES    

DATA PRIVACY INSIGHTS · 5 MIN READ

Data Intelligence Not as Security, but as Accountability

ROB PERRY · OCTOBER 30, 2019

a Share d Tweet k Share h Pin it 1 3

The information economy has grown rapidly over the past decade—and for a while, with
seemingly few controls. However, in recent years, organizations have been confronted
with the IT version of Newton’s third law: for every (innovative) action, comes an equal
and opposite reaction. In the case of information-driven business, that reaction is risk.

- Advertisement -
Data breaches, cyberattacks and other
challenges to data privacy have increased
dramatically. In the rst half of 2018 alone, there
were 945 data breaches that compromised 4.5
billion data records worldwide. In 2019, there
have been 2.7 billion identity records posted
online for sale already. These breaches – and
their implications for data privacy – have
in ltrated even high-pro le companies for
years.

This year, Capital One announced a data breach

that impacted about 100 million U.S. consumers and 6 million Canadian consumers. The
stolen data put at risk personal information collected in credit card applications,
including applicants’ names, social security numbers, addresses, dates of birth and self-
reported incomes. In this case, it was not clear how the hacker planned to exploit the
personal information. However, in last year’s Facebook-Cambridge Analytica scandal –
not strictly a breach but still the unauthorized collection and use of personal data – the
motive was vividly clear. Cambridge Analytica, a political data rm, gained access to the
personal information of more than 50 million Facebook users, which it used to model the
personalities of American voters in order to attempt to in uence their behavior. This case
was recently reexamined in Net ix’s documentary, The Great Hack.

While these two incidents deal with different issues, they are similar in a surprising way:
both were perpetrated by someone with inside knowledge of or access to the companies.
In the case of Capital One, the hacker was a software engineer who used to work for the
cloud hosting company Capital One was using. For Facebook-Cambridge Analytica,
Cambridge Analytica shared a survey that gained consent from hundreds of thousands of
consumers but also granted access – without consent – to several million more, which it
knowingly harvested.

Again, these cases highlight different data privacy challenges, but they raise the same
question: how can today’s data-driven businesses protect consumers’ personal
information from risk, especially when coming from inside the organization? While
important, a rewall doesn’t keep internal bad actors – even negligent data handlers –
from mismanaging or abusing information.

- Advertisement -
 Moroccanoil Discovery Kit
$
29.00
Add to Cart

Cybersecurity is not the silver bullet that keeps data safe from the internal and external
werewolves seeking to misappropriate it. Organizations need to ensure internal
stakeholders are held accountable. In fact, as the focus on data privacy heightens, so
must the conversation about accountability and end-to-end transparency. The goal is not
to make companies distrust their employees. Rather, they need to trust their data and
how they manage it. The more organizations understand what personal information they
have, where it is stored and who has access to it, the better they can ensure all data is
properly used and secured and, thus, at reduced risk of theft. To gain this visibility,
organizations need to implement new processes and technologies. Creating data
intelligence helps organizations establish the necessary trust with the data and the data
management they have in place.

Data intelligence isn’t always part of the cybersecurity conversation. However, as

information management catches up to data-driven business, it deserves to be heard.
Data governance and regulations such as the GDPR and CCPA can be motivators for good
data behavior—but they also require an understanding of what data they have, what data
needs protecting, how they can protect it, and, importantly, where it came from. Building
an inventory of data assets answers these questions for organizations. In the case of a
breach, it enables them to inform authorities and those affected while mitigating the
impact as much as possible. Organizations can also leverage data lineage capabilities to
trace data from its origin to its target – discovering where it came from, how systems
processed it and how it’s been used – or abused. Traceable data is trusted data, creating
con dence in decisions, encouraging internal adherence to governance policies and
reducing internal risk.
“Cambridge Analytica claimed to have 5,000 data points on every American voter. But it
was invisible. And so the question is, how do you make the invisible visible?” asked David
Carroll, a Parsons professor who fought to get his own data back from Cambridge
Analytica, in The Great Hack. While data visibility was certainly not the crux of the
Facebook-Cambridge Analytica scandal, it can be a de ning issue for the average
company. Most organizations are hindered by a lack of visibility across data siloes and
into today’s cloudy data lakes. Consequently, when auditors come knocking or consumers
request their data be deleted, organizations aren’t able to comply – at least not quickly.
Data intelligence gives organizations visibility into their full data ecosystem, so they can
be agile, whether in the face of a privacy issue or pinpointing data for a business
initiative.

- Advertisement -

Data intelligence isn’t a cybersecurity solution. It won’t prevent hackers from stealing
personal information from companies’ data warehouses. However, if that worst-case
scenario occurs, organizations will know exactly what (or whose) information was in the
data warehouse, where it had been used and transformed and who had access to it. That
way, instead of having to ask concerned consumers to check their accounts for
suspicious activity – as Capital One did after its data breach – organizations can know
who was impacted and be targeted in their responses. In this way, data intelligence can
hold organizations accountable to the level of service that today’s consumers expect.

“Data is the most valuable asset on Earth,” said Cambridge Analytica’s Brittany Kaiser in
The Great Hack. She’s right. Consequently, its safety, privacy and security are more
important than ever. With new proposed regulations such as the Dashboard Act, which
would quantify the idea of “data as an asset,” companies would be required to tell
consumers how the business nancially bene ts from the data they or their partners
collect. If this is enacted, consumers will have a full understanding of the value the
collecting organization lost on their behalf in a data breach. In preparation for this future,
organizations must revisit what it means for data to be safe – understanding that
accountability, while separate, is complementary to security.
 Organizations need to ensure internal stakeholders are also held
accountable for data #privacy issues. #respectdata
Click to Tweet d
To survive in the information economy, today’s companies must run a transparent,
trusted, data-driven business. Data intelligence and data governance show consumers
that organizations care about their data—they know where it is, who has it and why. For
years, information management was racing to catch up with innovation, and as a result,
many of today’s organizations have found themselves in a fender bender. Instead of
ignoring the laws of motion, they need to brace for the equal and opposite reaction,
prepare for risk with the right insurance and learn how to drive innovation more
responsibly to avoid unintended collisions and keep the passengers (and their personal
information) safe.

Stay Updated
Get noti ed of new articles and relevant events.

Type your email

I agree to the privacy policy

SUBMIT

a Share d Tweet k Share h Pin it 1 3

- Advertisement -

TAGS #C Y B ER D E F E N S E #DATA G OV E R N A N C E #DATA I NT E L L I G E N C E

Rob Perry
VP of Product Marketing at ASG Technologies

Rob Perry is ASG’s Vice President of Product Marketing where he focuses on driving
partner initiatives. He has a broad background in product management and product
marketing, developed at a range of technology industry leaders including CSC, Inc,
Siemens, Microsoft and Lotus Development. Rob has helped bring major software
products to market including SharePoint 2007, Lotus Notes and Lotus 1-2-3. Rob was
also an analyst covering the market for internet information tools at Yankee Group.
He has a BA in Economics from the University of Virginia and lives south of Boston
where he sails in the summer and skis in the winter.

- Advertisement -

- Advertisement -
 - Advertisement -

Get a Quote

- Advertisement -
LATEST

Using Access Management for Your Active Directory Users

Fraudsters Steal $15 Million From American Businesses Through a Coordinated BEC
Scam

In the Age of Coronavirus, Infectious Disease Isn’t the Top Business Risk in the US; Cyber
Attacks Are

Preventing Hackers From Transforming Apps Into Trojans

- Advertisement -

- Advertisement -

- Advertisement -

- Advertisement -

- Advertisement -

- Advertisement -
LEARN MORE

About
Contact
Our Advertising
Privacy Policy
Cookie Policy
Terms of Use

STAY UPDATED

Get notified of new articles and relevant events.

Type your email

I agree to the privacy policy

SUBMIT

FOLLOW US

   
 LEARN STAY UPDATED FOLLOW US
MORE
Get notified of new articles and relevant    
About events.
News, insights and Contact
resources for data Our Advertising Type your email
protection, privacy and Privacy Policy
cyber security Cookie Policy I agree to the privacy policy
professionals. Terms of Use
Privacy Center SUBMIT
Do not sell my
information

© 2020 Rezonen Pte. Ltd.

