network systems to better understand the different sensitivity levels of that data. Machine learning and
metadata applied during this process helps take this understanding to a deeper level by building context
around data, enabling organizations to set more customized security policies for information handling.
These information handling practices generally still fall in the realm of cyber defense — you are reacting
to protect your data against cybercrime. However, data protection technologies that make use of
metadata enable you to tag data with various details and assign categories to help extract the real value
of data. Knowing the deeper context around your data allows you to pivot into a more offensive mode,
applying data protection strategies and tools to propel the business forward.
As your data protection technologies reveal the broader context of data, that context offers data security
professionals a new way of speaking with the executive leaders in your organization. In offensive mode,
they can show how valuable your data can be for business purposes, as well as determining what data
is critical (and should have most stringent protection) and what data is fine for public consumption (and
does not need advanced protection).
Infonomics: Measuring, monetizing and managing data
We’ve all heard “data is the new oil” for quite some time now, but how can we quantify the value of this
new commodity? If we can categorize our data using metadata and begin to understand the context
around it, its value will begin to emerge.
Is this a confidential document that was tagged by someone in R&D? Is it a confidential document that
was tagged by someone in finance? And is that financial information a balance sheet or a cash flow
statement?
Let’s say you can identify 10,000 documents in your system containing R&D data. If you know the context
around those 10,000 R&D documents, you can begin to understand how long it takes a project to get out
the door. So how much is each of those documents worth? What is the financial risk to the business if
they are lost or stolen?
Some files and documents contain personally identifiable information (PII) or personal health information
(PHI). The financial risks related to this type of data have more to do with noncompliance fines, possible
monetary liability to customers and employees, and the costs of overcoming damage to brand reputation.
Other documents contain data that could spur business innovation and growth, and the financial risk can
be calculated according to potential revenue opportunities.
Through metadata tags on other types of files, emails and documents, you can learn more about your
customers or about your sales cycles. For example, if your business has a good quarter, you can look
back to find how many times the word “quote” or “RFP” appeared in emails and documents over the past
three months and begin to predict the next quarter’s outcomes.
According to Gartner research, by 2022, 90% of corporate strategies will explicitly mention information
as a critical enterprise asset. Currently, however, Gartner says, “... most information and business
leaders lack the information and tools to monetize information ... because the value of information itself