Five Steps to Preventing Data Breaches

Data breaches are now practically a daily event. This isn’t just a casual statement; it’s a fact. Recent statistics indicate that there were over 100 million data breaches in the beginning of 2017 alone. Cybercriminals are using innovative and advanced methods to gain unauthorized access and the only way to fight them is to take strong pre-emptive measures.

Data is everything in today’s business world and if your data gets into the wrong hands, you are looking at some serious consequences. So, make sure you’ve got everything covered. Here are 6 key steps to help you out.

  1. Automate your security

To prevent data breaches, whether they’re caused by insiders or hackers, companies must work towards establishing robust IT policies throughout their data protection systems and network. They must carry out a periodic assessment of the technical and procedural controls that have been established.

In fact, automating these checks can go a long way in preventing breaches.

  1. Create awareness among end users

The end user can often end up being the vulnerability. However, companies can avoid this by offering awareness training. The training program must be focused towards altering the entire organization’s mind-set towards being focused on security.

Other than that, the training must also aid the end user in identifying threats.

  1. Protect information wherever it may be

We live in an information era and the perimeter approach to online security isn’t applicable anymore. Information must be protected wherever it is located; this includes storage and the various channels through which the information is shared.

Unified data protection policies must be enforced across the enterprise.

  1. Assess vulnerabilities periodically

Vulnerability assessments must be carried out on a regular basis. Sadly, most organizations do not do this often enough. A weekly vulnerability assessment would be ideal. Also, the assessments must be done for each and every system that’s connected to the network.

  1. Prevent data exfiltration

Even when incursions are successful, it is still possible to prevent the actual breach by using network software. Network software can identify data exfiltration and block it. Outbound transmissions can be prevented by leveraging a combination of security event management and data loss prevention solutions.

Every CEO’s Data Security Checklist

Data security is more important than ever if we are to go by the latest statistics on security breaches and data theft. Equifax is only the latest example; mind you, there are attempts being made to breach organizations as you read this.

Now, cybersecurity is a massive area of interest that requires the involvement of everybody in the organization; right from the top to the bottom. This obviously includes the CEO. CEOs play a critical role in ensuring that everything is in perfect shape security-wise.

After all, we are talking about the company’s reputation here. So, if you’re a CEO who hasn’t paid attention to your company’s cybersecurity situation, it’s high time you went through this checklist.

  1. Meet the IT team

Meeting the IT team on a regular basis keeps you aware of what’s going on with regard to your organization’s security concerns. Maybe, there are new challenges that require solutions at the policy level. Whatever the need might be, it is good for a CEO to stay updated in order for those problems to be solved.

  1. Conduct an inventory of critical assets

Your organization obviously creates a ton of content and data footprint, and this is transmitted through various channels. The content and the data that you create are critical assets and you need to ensure that they are protected well enough.

The last thing you need is for your data and content to be compromised, so don’t compromise on their security. Fortunately, in the digital age these could be digital assets.

  1. Review your data security policies & processes

Data security policies as well as processes need to be reviewed on a periodic basis. The problem with data security is that the requirements keep changing as technology evolves and cybercriminals become more creative. As a result, reviewing and updating policies as well as the processes is a must.

As the CEO, you have to know what’s being done to keep up with the changing security trends as well.

  1. Establish an Incident Response Plan

Even if you’ve got the best security solution possible, things can still go wrong. When this happens, the only people you can depend on are your people – your employees, your partners. But, what happens if they have no clue to what an appropriate response should be?

This is exactly why you need an Incident Response Plan in place to ensure that mission-critical tasks can still continue. The plan must also include identifying the cause of the attack in order to ensure that another one can be prevented.

This certainly is not an exhaustive checklist but it sure is a good start for an enterprise of any size.

Equifax Data Breach: Humbled by a Business Strategy Breach

Google “security breach” and one of the first items of news you’re likely to come across would be about the recent breach at Equifax.

The Equifax hack led to the exposure of personal information that belonged to over a 100 million people. Naturally, the magnitude of the breach has stirred up discussions concerning ethics, legal liabilities, and public relations. Of course, Equifax has found itself in a great dilemma.

Now, we could spend all day debating where Equifax went wrong and what they should or could have done. However, that would be counterproductive. The best thing that other organizations can do right now is to learn from the mistakes made by Equifax. Here are a few key ones that are worth the observation.

Failure to protect data

The first round of reports placed the blame on an ignored bug within the Apache Struts application.

Now, we aren’t going to argue the authenticity of this report. But, it’s safe to assume that there were other vulnerabilities that existed as well. Single vulnerability points are rarely known to lead to breaches of this magnitude.

There are a few key questions that we need to ask. Firstly, why was so much data made available to a web application? Secondly, could there have been protective measures in place to avoid this kind of a compromise? Thirdly, should Equifax have assumed possible vulnerabilities in the web application?Finally, did Equifax do enough to prevent a data leak?

The answers to these questions need to deal with both, what caused the failure and what could have been done to prevent failure. It is necessary to look at the complete architecture in order to make sure that a single vulnerability does not impact the entire system. There must be other components withinthe architecture that can prevent further compromise.

Failure in detecting an intrusion

If protection doesn’t work, there must be robust detection capabilities in place to know that an intrusion is taking place. Equifax made a major mistake by allowing a single system to have access to all the data. Data access is a major area of concern and organizations must have the tools to assess data access at all times.

For example, network analytics is great when it comes to detecting strange or “out of the blue” activities. Similarly, behavioural analytics can be used to detect out of the ordinary access patterns.

It’s certainly NOT an IT only problem, especially in the digital age

 Most businesses which consider themselves to be ‘traditional’ in nature, would argue that these matters are for the back offices. However, the business models suitable for the digital age, would not tolerate that view point but would instead consider a business model that creates value in the digital age, and this would indeed consider the matter of data security well within the business strategy as well as the business model.

A data breach is breach to the business strategy.  Let’s have a business strategy that will minimize, prevent and then eventually eliminate data breaches

Three Superior Human Skills in the Digital Age

Technological advancements have allowed for organizations to stay connected to people within and outside the company walls. While face-to-face interaction isn’t the norm today, technology has brought forth the need for managers and subordinates to develop a specialized set of human skills that can help employees navigate these technological times.

In-season skills in the age of technology

While new skill sets are certainly prized, managers around the world stress on three traditional skills which are essential for employees of the digital age. In fact, managers and business leaders believe that these evolved traditional skills will help their personnel better manage the challenges and opportunities of new-age technology-based organizational environments.

Here are three superior human skills that you need to cultivate, in order to be successful in the digital age:

  1. Collaboration

With new technology being developed on a continuous basis, technical know-how will only get more specialized and out of reach. It’s important for personnel with this new knowledge to work together with their team, to facilitate sharing of technical knowledge and experiences.

Additionally, with team members working remotely from various corners of the world, collaboration with both people and machines becomes a priority to effect positive operational and strategic results.

  1. Communication

While technology has certainly been a blessing to organization-wide communication, it must be acknowledged that a lot of information gets lost in the system. Technology can only do so much when it comes to data processing, analysis, and communication. The rest is up to people.

From something as simple as tips on troubleshooting to highly confidential business information, employees need to learn how to navigate this complex technological landscape in order to effectively communicate pertinent information to their peers and supervisors.

  1. Emotional Intelligence

Technology has long been credited for being the cause of the loss of humanity in today’s organizational setting. While it’s debatable whether this is an undeserved allegation or not, the operational and strategic benefits of being emotionally responsible and responsive must be recognized.

The ability to sympathize, empathize and connect with people is a human gift, one that must be actively cultivated by employees across the organization. Being able to express and navigate emotions will help employees read non-verbal cues that data and technology fail to identify, allowing business leaders to take important decisions.

Human skills will only serve to complement digital know-how. Developing and cultivating these skills will equip employees with the skills needed to be successful in this digital age.

 

Nature First. People Second. Machines Later.

Technology specialists and business leaders have long predicted that technology will make people obsolete in workplaces and this prediction has partly come true. The World Economic Forum recently revealed that robotics and AI would result in loss of over 5 million jobs worldwide. Does this mean that we are prioritizing machines over people?

Machines in the form of automobiles and other carbon generators have had serious environmental impacts, leading to an enlarged carbon footprint and loss of biodiversity. It would seem that with the recent technological advances, we are not just putting machines over people; we are also putting them over nature.

But is this entirely true?

The new epoch

While technologies are reducing the human touch from the organization’s day-to-day operational activities and while they are having a negative impact on the environment; technological developments today are trying to preserve ecosystems and livelihoods.

Let’s address the issues individually. First, we have the problem of job automation leading to a loss of livelihood. Scientists and technology experts, including Tesla’s Elon Musk, believe that augmenting ourselves will help us avoid the threat of job automation.

Brain augmentation has become a reality. Scientists at Harvard are using technology – ultra-fine electronic meshes – to boost the human brain’s ability to receive, process and act upon neural inputs. This will allow our brains to behave like supercomputers, reducing our necessity to depend on actual computers. The objective is to use technology, not to replace people, but to complement and supplement their natural skills. An additional advantage of augmentation would be the easy identification of degenerative neural disorders, which will help doctors save millions of lives. It seems quite obvious that we are putting people ahead of machines.

Now for the second problem – technology’s impact on the environment. Google, on its 19th birthday, released a video of how the Charles Darwin Foundation was using its Street View software to map the Galapagos Islands, in an attempt to preserve this unique ecosystem.

Closer home you might see a carbon capture plant being set up. Global Thermostat and Carbon Engineering are two carbon capturing companies who plan to use technology to capture as much as 300,000 tons of CO2 emissions per year and use this carbon to make eco-friendly materials such as AirCarbon, which can in-turn, be converted to items such as chairs and baking soda. These are just a few of the examples of how technology is putting nature ahead of machines, and by extension, we are considering the well-being of people ahead of the welfare of machines.

A balancing act

While machines aren’t completely without blame, they mustn’t be blamed entirely either. At the end of the day, how we utilize technology and what we prioritize is up to us, as humans.

Harsh Realities of Digital Age Data Strategy

Businesses face multiple challenges when it comes to shaping their data strategy in the digital age. Choosing the right data, tools and technologies, hiring the right talent, handling analytics, building models that predict outcomes are some of them. Transformation of the business operations based on analytics and insights is the other major challenge facing organisations. What we mean here is ‘the ability to act on data’ as opposed to the ‘inability to act on data.’

Realities of digital age

Data which was historically easy to collect and process is now complex, unstructured and indeed, quite a lot in quantity as well. The huge influx of raw data from smart technologies, social media, videos and multiple other channels contain insights that are actionable. These insights further shape targeted strategies and informed decisions for businesses.

But, the question is whether the organisation is indeed ‘able to act on data?’ Does the culture, the available technology as well as other capabilities permit and enable appropriate action?

Regardless of where an organisation stands in their digital age journey, the first step for any organisation pursuing a digital age data strategy is to acknowledge and accept its position on a scale that measures their ‘ability to act on data’ as well as ‘inability to act on data’.

Once there is an honest introspection and acceptance of this reality, it is then a question of what needs to be done as the ‘next best action.’

Whether you are a CEO, COO, CDO or indeed a member of your company’s board, this honest introspection will certainly create opportunities which were previously not visible. This is sufficient clarity needed to empower the ‘datapreneurs’ of the organisation.

Datapreneurs shape data strategy

Datapreneurs by design pursue ‘enterprise value’.  There is indeed no time for petty politics and energy drains, that most large organisations suffer with. Empowered datapreneurs positively energise the organisations.  This in turn creates a ‘winning’ mindset within the wider organisation.

When this energy collides with data – magic happens!

Decisions are made more often, timing of those decisions would be just right and more importantly the reasons for the decisions would be in pursuit of value that is indeed for the betterment of the business eco-system the organisation operates in  whether this is just seen as the enterprise as a whole or indeed the whole world.

Three visible signs that your data strategy is working

A winning data strategy manifests in many ways.  Here are three obvious ones:

• Commoditising the technology infrastructure – There is evidence that your investments are being utilised in the right manner at scale.

• Industrialising data integration – Efficiencies are pursued ruthlessly, sweating every dollar and every byte of available data.

• Pervading reporting, analytics, and visualisation throughout the organisation – A culture that lives and breathes on data.

This is evidence that the combination of people, processes and technologies are in harmony creating value for the purpose of the enterprise.

With out a sound data strategy – there is a plethora of activities, maddening rush of just doing work for the sake of work and more importantly, there is a gross neglect of creating value for the shareholders, customer and other partners in the eco-system. Would you want your organisation without a sound data strategy?

How Video Marketing Can Be A Powerful Tool for Chief Data Officers

 

As data continues to grow as a major asset, Chief Data Officers (CDO) occupy center stage in the management of data. The huge data volume without appropriate and adequate consumption can cost companies billions of dollars, starting with opportunity costs. Consequently, CDOs are pressured to make their business case almost every time they are expected to invest a dollar, whether it is for regulatory responses or indeed growth and innovation pursuits, such as cloud migrations, for example.

It Hurts To Be A CDO Who Cannot Tell Stories With Data

A recent survey indicates that the volume of data within an enterprise will expand by 33% within thenext one year. Faster and more accurate data analytics will be the major demands from CDOs in the digital era.

Value creation with data is a key pressure point for any CDOs. And then, both the Chief Operating Officers as well as Chief Financial Officers expect and demand. Of course, the rest of the C-Suite also expects the CDO to deliver. In this context, it is imperative that the CDO of the digital age knows how to convince their organisations, C-Suites and indeed the boardroom. Any inability to convince or effectively demonstrate the value of data is a certain disaster. Such failures translate into millions or even billions of dollars of losses which neither the company nor the CDO can afford to accept. This is usually through miss-spending or failed projects or programs. In ability to invest in innovation investments is also very expensive.

Traditionally the Chief Information Officer, the Chief Financial Officer or the Chief Operations Officer handled data management.  Regardless of which ‘x’ in the CxO – It is imperative that the leader know how to manage and create value with data.

CDO, for that matter any leader, needs to have the ability to influence his followers.  More so, is the case of a CDO, who needs to help his or her organisation ‘visualize’ and more importantly create value with it. Story telling is a mandatory skill for a CDO.

Use Of Video Marketing To Create & Sell Stories

In this context, video marketing can be a powerful tool to create data centric stories in a format that appeals to people’s emotions. Value cases for data usage can be created using video marketing effectively.

CDOs can communicate the business value of data better, through video marketing in the following ways:

  • Demonstrate the use of certain actionable analytics to improve the bottom line
  • Creating transparency of the data and technology landscapes through videos
  • Feature personal stories of staff and people involved in creating value with data for the organisation

Video marketing, potentially bridges the gaps between the boardroom, the C-Suites and the entire organisation as it is one of the best forms of communicating in this digital age. If done right, there is no reason, why this cannot become a part of the mainstream organisational process.

Get Rid of Poor Data Quality Once and for All

The impact of poor quality data is felt both in terms of revenue as well as the reputation for organisations. Data quality issues cost businesses $600 billion per year according to a report by TDWI (The Data Warehouse Institute). A 2016 report by IBM estimates that the losses caused by poor data quality are almost $3 trillion annually.

Organisations also incur damage to their reputation which can vary from minor to major. One example is the roll out of Maps by Apple in which most of the data was inaccurate and not usable. Reputation damage also has a direct impact on revenues.

Striking the balance

While many businesses realise the criticality of data quality, they are not effective in striking the right balance in allocating resources to address data issues. Although businesses respond to regulatory demands to invest in data management, return on investment is a subject that eludes CFOs and COOs.

According to a report by KPMG, 84% of CEOs are not confident about the quality of data they are basing their decisions on. Two out of three executives are overwhelmed by the quantity of data that need to be analysed. In the digital era, technologies including Internet of Things and automation are leading to exponential growth of data. To be able to stay ahead of the competition, managing the data quality is becoming increasingly important for businesses.

A 10% increase in data accessibility can boost the net income by $65m for Fortune 1000 companies. Simplifying the data deluge management process with the right tools, methods, people and processes is basic to solving data quality issues.

The solutions

The first step to getting rid of poor data quality is to understand the relative importance of data. Focusing on the most important person-centric data, followed by products and services is critical to managing data quality.

  • The person-centric data should be of the highest quality and also well managed to enable businesses to run efficiently. In this context, businesses should know the relationship between Business Strategy-Business Model-Business Process-Data.
  • The most critical data for the business needs to get 100% in terms of quality. Before getting into big data analytics, it is crucial to get the quality of person-centric data right. The cost of not managing the quality of person-centric data can run into billions or trillions for businesses.

The Data as an Asset (DAAS) Index is a tool that helps create transparency required to address and manage data quality.  Just like in the industrial age – ZERO DEFECTS – is a possibility.

Patience and discipline is the basic foundation, though.

In the midst of burgeoning technologies.

It does Matter: A Case for Making People Relevant in the Age of Machines

In the age of big data, machines and artificial intelligence the relevance of people can be questioned. And the question may be justified when viewed with certain lenses. After all, this is a world in pursuit of ‘profits’.

However, good leaders do realise that businesses are made up of people who have a stake in them. These stakeholders include the employees, shareholders, consumers, partners, and vendors. These individual stakeholders in fact, drive the economy as a whole.

People create value

Since every enterprise is an orchestration of people, processes and technologies – purposeful value creation is based on how well people come together along with processes and technologies. Value can only be created by people for people. Digital age companies can only succeed when they ask themselves, “Do we have the right people in the right place to steer this ship in this age of uncertainties using the tools and technologies available?”.

Investing in people is the right strategy for companies. A successful company is only possible when successful teams are put together. The right talent at the right place is still going to be the critical factor for digital age success. People who have the right competencies across the value chain drive the success of enterprises.

Decision making with empathy is critical in the digital era

Data is available from every channel imaginable and machines are becoming smarter by the minute. But without the right people, who can understand and channelize all that data – progress is just not possible. Data must not only be well organized but be in the hands of the right people so that it supports managerial and executive decisions, followed by subsequent outcomes.

All business outcomes are a result of decision making. Right and well timed decisions result in good outcomes while a series of systematically bad decisions result in failure of businesses.

The culture within an organization is also set by people, and people only. Certainly, not by machines or AI! Creating a strong and adaptive culture in an enterprise is critical to succeeding in the digital age. Going digital is not about things or machines, but about “how you do things better. More importantly – for a better world!” The “how” of doing things is always up to the right people who can make the right decisions based on the tools and technologies available to them.

The right capabilities can help companies keep pace with their customer needs as digitalization changes consumer behaviour rapidly. Technical capabilities such as big-data analytics, artificial intelligence, digital content management, etc are crucial for success in the Digital Age.

But nothing to replace what a human and only a human can do best, in any process.  And that is – to empathize!