Artificial Intelligence | News | Insights | AiThority
[bsfp-cryptocurrency style=”widget-18″ align=”marquee” columns=”6″ coins=”selected” coins-count=”6″ coins-selected=”BTC,ETH,XRP,LTC,EOS,ADA,XLM,NEO,LTC,EOS,XEM,DASH,USDT,BNB,QTUM,XVG,ONT,ZEC,STEEM” currency=”USD” title=”Cryptocurrency Widget” show_title=”0″ icon=”” scheme=”light” bs-show-desktop=”1″ bs-show-tablet=”1″ bs-show-phone=”1″ custom-css-class=”” custom-id=”” css=”.vc_custom_1523079266073{margin-bottom: 0px !important;padding-top: 0px !important;padding-bottom: 0px !important;}”]

Data Assets at Risk from IT Security Misvaluation

Ponemon research finds that IT Security underestimates the value of business assets by more than 50 percent

IT Security departments are incorrectly estimating the value of business information, leading to insufficient investment into the availability, protection and security of the most commercially valuable types of documents a business holds, according to new research from the Ponemon Institute.

The research, which was commissioned by leading data management company DocAuthority, surveyed 2,827 professionals in the United States and United Kingdom across seven functional areas. The results found that when asked to estimate the monetary value of different types of business information, IT Security departments undervalued documents including research and development (R&D) and financial reports, while excessively prioritizing less sensitive Personally Identifiable Information (PII) data.

Read More: Calabrio Delivers Powerful Enterprise Scalability and Management Capabilities

This increases the chance of a major data breach, the mishandling of access rights for employees, and the application of incorrect levels of security to low-value documents:

  • IT Security departments estimated the value of R&D documents at less than 50 percent of what the business would estimate their worth, predicting that it would cost $306,545 to reconstruct an R&D document compared to $704,619 as estimated by the R&D department itself
  • IT Security departments also underestimated financial impact of a financial report being leaked, at $131,570 versus the $303,182 that the Finance department believes it would incur from this incident
  • In contrast, IT Security departments overvalued monthly salary lists at $94,148, compared $57,477, the value attributed to the same asset by Human Resources

Read More: Interview with Ben Goertzel, CEO at SingularityNET

“Typically, the security and protection of business data is considered to be the responsibility of the IT Security department. Yet it’s clear from this research that IT Security does not have the vitally-important context required to understand the true value of that data, and in turn create an effective strategy for defending it,” says Doctor Larry Ponemon, Chairman and Founder of the Ponemon Institute. “Rather than being relegated to IT, data and its protection should be the concern of not only management level, but the business as a whole.”

Steve Abbott, the CEO of DocAuthority, comments: “Only around five percent of data retained by businesses will be crucial to running the current and future organization. Despite this, most businesses still apply unrepresentative, or ‘one size fits all’ levels of security to their data assets. Businesses need to consider how they can take a more strategic and cost-effective approach by identifying critical data that is worth security investment. While a manual scan of unstructured data held by a typical 5,000 seat organization could take up to 400 years, Artificial Intelligence (AI) tools can help businesses identify and categorize data with an unprecedented level of accuracy, in a rapid timeframe.”

Read More: Palo Alto Networks Appoints Amit K. Singh as President

Steve Abbott adds, “It’s important to consider that obscurity around data could have far reaching ramifications. Despite company data being a hugely valuable business asset, organizations rarely have a clear view of what they own and what it’s worth. As a result, within the context of a sale for example, data assets are likely to be overlooked as part of a business’s valuation. We are confident that this will change as the business world starts to understand how data can impact a business’s bottom line.”

Read More: Interview with Angel Gambino, CEO and Founder of Sensai

Notes to editors

Ponemon has developed a framework of six criteria to more accurately assess the value of corporate data. By assigning a rank of the importance of each element on a scale of 1 = not important to 10 = essential, they have a better chance of aligning their security strategy with their most valuable assets:

  • Intrinsic value – Pertains to how correct, complete and exclusive is this data
  • Business value – Relates to how good and relevant is this data for specific purposes
  • Performance value – Pertains to how does this data affect key business drivers
  • Cost value – Refers to what would it cost the organization if the data was lost or leaked outside
  • Market value – Links to what your organization can earn from selling or trading this information
  • Economic value – Pertains to how the information contributes to the organization’s bottom line

Read More: Interview with Jeffrey Kofman, CEO and Founder at Trint

Leave A Reply

Your email address will not be published.