In recent years, many organizations have progressed in their data strategies, resulting in much more mature strategies. This is especially true with BrightPlanet customers. As such, the insights in the recent Harvard Business Review article certainly ring true with what we see in the market today. We thought it would be useful to share with you some of our observations on what our team has witnessed in the data strategy realm over the years.
Data Management Strategy: Maturity is Key
To begin, the maturity model that groups like Gartner publish are accurate. And, although we’ve seen an increase in maturity in recent years, the reality is that most organizations are still scoring quite low on maturity model scorecards.
However, there seems to be a noticeable push by organizations to mature at a faster rate — suggesting that good things just take time and a bit of patience goes a long way.
Data Defense First
The article argues that a strong defense is the key to maturity and advancement — and we agree. We could apply Under Armour® ‘s popular phrase here: “Protect this House.” This concept applies not only to sports, but business in general. Ensuring that the “back of the house” is properly secure before developing offensive skills is the only way to ensure that you can go forth and conquer without worrying about back end attacks.
But the reality is, for most companies, compliance and regulatory issues force defense first. Unfortunately, this forced compliance propels businesses to develop a mindset based on a “cost center” scarlet letter. “How much do we have to pay to ensure we’re compliant?” becomes a common refrain among the CIO, CSO, and CISO crowds.
The quickest solutions to defensive compliance problems are often not the best long-term, financially sound decisions.
Buying software that will monitor the network for data leakage, ensure data integrity, and report attempts at data exfiltration are just a few of the commonly used “check the box” decisions made by executives at less-than-data-mature organizations. While these solutions seem to provide a quick fix, there is a better, more effective, way.
Organizations need to conduct solid internal Master Data Management (MDM) activities and ensure that all internal data is properly assessed for its value today and in the future. Their data must also be structured in such a way that ensures its efficient use in analytics in the future.
Scalable, Supportive Data Management
A mature organization should be thinking about how to ensure that solutions are scalable and positioned to support the complete (both offensive and defensive) data management needs of an organization.
To complete the defensive side of the conversation, let’s consider leveraging a managed services firm — a pure-play security provider — that can ensure data integrity, data exfiltration monitoring, incident response, proactive active threat hunting, and ongoing thought leadership for Board support, etc.
There is a well-known shortage of true talent and resources in the cyber security sector, not to mention issues with talent acquisition, retention, and infrastructure required to develop the same level of expertise and execution in-house.
Save yourself the headaches and hard costs associated with in-house solutions and instead leverage the best-managed services you can find. Remember the “let’s buy software to check the box” mindset?
Well, the right managed services firms will be technology agnostic, which means you won’t have to worry about ensuring the right software is maintained for the task — that’s their job. You have one partner to manage, and that partner is going to leverage the right tools and exceed your expectations (or at least meet the Service Level Agreement).
Leave it to the Experts
While it does make sense for the CDO, CIO, or CISO of an organization to lead and steward the organization forward on the right path, there is no real need for the in-house resources of an entire IT security team to do so unless you are a three-letter agency or an organization with too much profit.
The specialization in the sector specific to open source intelligence, internal/external threat hunting, security services execution, advanced algorithms for detection, proactive assessments, and forensics is beyond the knowledge of any one person.
Leverage the right managed services with the right team. This should not intimidate the C-level of an organization — it should give them confidence.
Now – Go On the Offensive
As the Harvard Business Review document articulated, now that the data protection mandate is well under control, organizations can dedicate time and resources to their offensive attacks, allowing them to generate insights to help generate revenue.
One important consideration, though, is that it’s very important NOT to forget about the abilities of the defensive team to support the offensive team.
As an example — the expertise that monitors open sources for external threats is the same team of experts that can help develop and build offensive intelligence capabilities. Such capabilities include monitoring for: competitor actions, customer demands, new market entrants, possible acquisition targets, possible new markets for existing products or services, etc.
Let your teams help each other, and decided where their time is best spent.
Think Through Your Data Strategy with BrightPlanet
When thinking through all of the issues surrounding data strategy, take the time to step back and think high level. Where does your organization want to be positioned in three to five years? This exercise will help shape the way that you approach vendors, staffing, and overall spend on data management.
Need help thinking this through? We’re happy to help. Put our expert data engineers to work for you right away with a DEEP review.
Learn more about the DEEP review process and schedule a free consultation with a Data Acquisition Engineer by clicking on the button below.