Measuring The Economic Value of Data

Uploaded on 2017-09-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Today, there are new and changing uses of data in the digital economy. The big questions however are, who is winning with data, where is this data being kept, what makes new data different, when should data be kept, moved, deleted or transformed, how should data be valued, and why data is so much more important than it used to be?

Data is one of the most important assets that any company has, but it’s surprising that we don’t put the same rigor into understanding and measuring the value of our data that we put into more traditional physical assets. 

Furthermore, should data be depreciated as an asset? Or perhaps it appreciates like art. Counter-intuitively, the answer is “yes” to both.

To measure the value of data, we can apply some simple economic principles. For example, we know from IT forecasts that the amount of digital data being produced is much higher than the amount of data storage being purchased. 
Why is this the case? Simply put: Some data is produced, but not stored. Applying a simple supply and demand curve helps to explain why. (Source: IDC Digital Universe, Recode.)
The “supply” curve is storage capacity. This capacity is available at a range of prices, but there is a minimum price threshold for storage capacity. The “demand” curve is data produced. This data creates a demand for storage capacity. That data is stored as long as the value of the data exceeds the cost to store and access it over time. A simple equation to represent this is: 

Data Value (t) >= (Sc + Mc + Ac)/GB/yr * Retention period

Basically data value as a function of time must be greater than the sum of the cost for networking, compute and storage infrastructure(Sc), the cost to maintain the data and infrastructure (Mc) and the cost to access the data (Ac). To normalize between cloud and non-cloud IaaS, all of the measures are per unit per year. This cost is also a function of time, as measured by the retention period for the data.

Of course, in real life, the equation is not quite so simple. The cost to store and maintain data depends on how long it must be kept, whether it must be protected and secured, etc. There is also a penalty for keeping data because there is an increased risk of security violations, and a risk of data loss or data corruption over time.

On the value side of the equation, there is not a well-defined measure for data value. The value of data is really a measure of business value as a result of using or analysing that data in some way. In addition, there is a correlation between the amount of data kept, how accessible that data is, and its value. 

For example, having more data makes all of the data more valuable if the use of the data depends on a historical trend. For example, use of machine learning is already changing the value of larger data sets because most machine learning algorithms work better when trained with large amounts of data.

The area under the curve represents the amount of data that is created but not stored because its value is perceived to be lower than the cost to keep it. If we start with the hypothesis that people would keep all of the digital data that they produce if they could, then we want to eliminate the area under the curve. In order to do that, we need to either lower the cost of storing and maintaining data or increase the value of the data, or both. 

Once we accept the premise that data value should be measured, what would we do with this measure? On the infrastructure side, we focus solutions on maximising the data value measure, rather than a more infrastructure-specific measure, like unit price, power usage efficiency, or cross connect per month cost. 

That will drive innovation in infrastructure solutions in two distinct directions: Lower total cost of ownership on the one hand, and increased enablement for increasing data value on the other hand. This might encompass features for index and search, built in analytics interfaces, data movers, etc.   

Eenterprises need to start applying their own business metrics to establishing a value for their data. Historically, enterprises have done this primarily for measuring changes in data value over time, under the assumption that older data is less valuable because it is accessed less. 

This is no longer a valid assumption, and access to data is not the most relevant measure of its value, but rather the analytical output of data.

Network World

You Might Also Read:

4 Ways to Simplify Your Business Data Management:

Tech Giants Put Big Data To Work:

 

« Cybercrime In The EU - Where Are You Safe?
Global Cyber Conflict Is Close »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Sapphire

Sapphire

Sapphire deliver flexible and scalable cybersecurity solutions, helping organisations to detect, protect, respond and remediate against cyber threats.

Council of European Professional Informatics Societies (CEPIS)

Council of European Professional Informatics Societies (CEPIS)

CEPIS is the representative body of national informatics associations throughout Europe and represent over 450,000 ICT and informatics professionals in 32 countries.

Exabeam

Exabeam

Exabeam is a global cybersecurity leader that delivers AI-driven security operations.

Panorays

Panorays

Panorays automates third-party security lifecycle management. It is a SaaS-based platform, with no installation needed.

Findcourses.co.uk

Findcourses.co.uk

Findcourses is a dedicated education search engine designed to make it easy for our learners to search and find exactly what they need from our community of trusted training providers.

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo

Cloud & Cyber Security Expo is the UK’s largest cloud and cyber security event.

CRI Group

CRI Group

CRI Group excels at deterring, detecting and investigating crimes against businesses using a global network of professionals specially trained in Anti-Corruption, Risk Management and Compliance.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Wabbi

Wabbi

Wabbi’s continuous security platform centralizes, automates and orchestrates security governance and vulnerability management to empower development teams to own appsec.

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

Randaemon

Randaemon

RANDAEMON’s mission is to create True Random Number Generators (TRNG) that are hardware-based and integrated into System-on-Chip.

ATHENE National Research Center For Applied Cybersecurity

ATHENE National Research Center For Applied Cybersecurity

ATHENE is the largest research center for cybersecurity and privacy in Europe, conducting application-oriented top-level research for the benefit of the economy, society and the state.

Secjur

Secjur

Secjur is a provider of AI-based compliance tools that aim to put compliance, data protection, information security and whistleblowing on autopilot.

63 Moons Technologies (63MT)

63 Moons Technologies (63MT)

63 Moons Technologies is a world leader in providing next-generation technology ventures, innovations, platforms, and solutions.

Bearer

Bearer

Bearer helps modern teams ship trustworthy products with the help of our code security solution built for security, privacy and engineering teams.

WillCo Tech

WillCo Tech

WillCo Tech works to enhance national security and force readiness for military and commercial enterprises with a suite of software capabilities surrounding the human element of cybersecurity.