Measuring The Economic Value of Data

Uploaded on 2017-09-18 in NEWS-Cybersecurity News, FREE TO VIEW, BUSINESS-Services-Financial

Today, there are new and changing uses of data in the digital economy. The big questions however are, who is winning with data, where is this data being kept, what makes new data different, when should data be kept, moved, deleted or transformed, how should data be valued, and why data is so much more important than it used to be?

Data is one of the most important assets that any company has, but it’s surprising that we don’t put the same rigor into understanding and measuring the value of our data that we put into more traditional physical assets. 

Furthermore, should data be depreciated as an asset? Or perhaps it appreciates like art. Counter-intuitively, the answer is “yes” to both.

To measure the value of data, we can apply some simple economic principles. For example, we know from IT forecasts that the amount of digital data being produced is much higher than the amount of data storage being purchased. 
Why is this the case? Simply put: Some data is produced, but not stored. Applying a simple supply and demand curve helps to explain why. (Source: IDC Digital Universe, Recode.)
The “supply” curve is storage capacity. This capacity is available at a range of prices, but there is a minimum price threshold for storage capacity. The “demand” curve is data produced. This data creates a demand for storage capacity. That data is stored as long as the value of the data exceeds the cost to store and access it over time. A simple equation to represent this is: 

Data Value (t) >= (Sc + Mc + Ac)/GB/yr * Retention period

Basically data value as a function of time must be greater than the sum of the cost for networking, compute and storage infrastructure(Sc), the cost to maintain the data and infrastructure (Mc) and the cost to access the data (Ac). To normalize between cloud and non-cloud IaaS, all of the measures are per unit per year. This cost is also a function of time, as measured by the retention period for the data.

Of course, in real life, the equation is not quite so simple. The cost to store and maintain data depends on how long it must be kept, whether it must be protected and secured, etc. There is also a penalty for keeping data because there is an increased risk of security violations, and a risk of data loss or data corruption over time.

On the value side of the equation, there is not a well-defined measure for data value. The value of data is really a measure of business value as a result of using or analysing that data in some way. In addition, there is a correlation between the amount of data kept, how accessible that data is, and its value. 

For example, having more data makes all of the data more valuable if the use of the data depends on a historical trend. For example, use of machine learning is already changing the value of larger data sets because most machine learning algorithms work better when trained with large amounts of data.

The area under the curve represents the amount of data that is created but not stored because its value is perceived to be lower than the cost to keep it. If we start with the hypothesis that people would keep all of the digital data that they produce if they could, then we want to eliminate the area under the curve. In order to do that, we need to either lower the cost of storing and maintaining data or increase the value of the data, or both. 

Once we accept the premise that data value should be measured, what would we do with this measure? On the infrastructure side, we focus solutions on maximising the data value measure, rather than a more infrastructure-specific measure, like unit price, power usage efficiency, or cross connect per month cost. 

That will drive innovation in infrastructure solutions in two distinct directions: Lower total cost of ownership on the one hand, and increased enablement for increasing data value on the other hand. This might encompass features for index and search, built in analytics interfaces, data movers, etc.   

Eenterprises need to start applying their own business metrics to establishing a value for their data. Historically, enterprises have done this primarily for measuring changes in data value over time, under the assumption that older data is less valuable because it is accessed less. 

This is no longer a valid assumption, and access to data is not the most relevant measure of its value, but rather the analytical output of data.

Network World

You Might Also Read:

4 Ways to Simplify Your Business Data Management:

Tech Giants Put Big Data To Work:

 

« Cybercrime In The EU - Where Are You Safe?
Global Cyber Conflict Is Close »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

C3IA Solutions

C3IA Solutions

C3IA Solutions is an NCSC-certified Cyber Consultancy providing assured, tailored advice to keep your information secure and data protected.

TBG Security

TBG Security

TBG provides a portfolio of services including cyber security, compliance and continuity solutions.

Endace

Endace

Endace is a leader in network visibility, network recording and packet capture solutions for security, network and application performance monitoring.

Alan Boswell Group

Alan Boswell Group

We are a Group of Companies providing specialist Insurance Broking and Risk Management advice and services including Cyber Risk cover.

GuardKnox

GuardKnox

GuardKnox protects the users of connected vehicles against threats that can endanger their physical safety and the safety of their personal information.

Snyk

Snyk

Snyk is the leader in developer security. We empower the world’s developers to build secure applications and equip security teams to meet the demands of the digital world.

CERT-PH

CERT-PH

CERT-PH is the National Computer Emergency Response Team and the highest body for cybersecurity related activities in the Philippines.

Multitel

Multitel

Multitel is an independent research centre. We develop and integrate emerging technologies into the industrial fabric at the regional and international levels.

Monster Jobs

Monster Jobs

Monster is a global leader in connecting people to jobs, wherever they are. Monster covers all job sectors including cybersecurity in locations around the world.

Cyber Pop-Up

Cyber Pop-Up

Cyber Pop-Up provide on-demand access to top security experts. No recruiting. No onboarding. No overhead costs.

Lionfish Cyber Security

Lionfish Cyber Security

Lionfish Cyber Evolution & Empowerment Model™ empowers SMBs to prepare and protect themselves against cyber threats using a unique combination of on-demand training, support and managed services.

AaDya

AaDya

AaDya provide smart, simple, affordable and effective cybersecurity software solutions for small and medium businesses.

Netlinkz

Netlinkz

Netlinkz has developed the Virtual Secure Network (VSN) overlay technology platform, a breakthrough in connectivity security, speed, and simplicity.

Theta432

Theta432

THETA432 is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, cyber defense monitoring services with dynamically defined defense (3D™).

Digital Catapult

Digital Catapult

Digital Catapult is the UK authority on advanced digital technology. We bring out the best in business by accelerating new possibilities with advanced digital technologies.

Mercury Systems

Mercury Systems

Mercury Systems is the leader in making trusted, secure mission-critical technologies profoundly more accessible to aerospace and defense.

Cynclair

Cynclair

Cybersecurity is a complex beast. And we're the beast-tamers. Our team thrives on deciphering the latest threats, building cutting-edge defenses, and making your digital world much safer.

QRC Assurance & Solutions

QRC Assurance & Solutions

QRC is a PCI QSA, QPA, ISO accredited, CPA and CERT-IN empanelled organization with vast experience in conducting certification, regulatory audits, pen testing services, training and more.