A New Age of Data Liability: More than Data Loss Protection

Carl Ascenzo
Zach Slayton
Data

In today’s world, data is the lifeblood of many organizations. Data is a valuable asset that helps many organizations thrive.  As the value of data increases so do the risks associated with data. If left unchecked, the damages caused by inappropriate storage, handling and accountability of data can create significant business liabilities that outweigh the positive value that data otherwise brings. This trend has pushed us across the tipping point and brought us to a new age of  data liability.  

Historically, organizations have viewed data as an asset, focusing mostly on how data enhances an organization’s mission. This makes sense as data enables discovery and provides insights, leading to innovations and growth. Most of the focus on protecting data has been on avoiding data loss. Media attention and organizational effort has focused on topics such as security breaches, ransomware and other villainous scenarios. Data protection strategies often center on locking down the borders and keeping the bad guys out. While this is important, it is only the beginning. 

In the age of data liability, organizations must address many more nuanced and sophisticated challenges such as the appropriate use, sharing, quality and integrity of data. Failures in these areas can lead to catastrophic business impacts including massive financial penalties through regulatory sanctions and contractual remedies, exposure of intellectual property causing irreparable harm, disrupted operations and significant brand damage. The impact of these liabilities can lead to potentially irreversible consequences and may even threaten the viability of the organization as a going concern. 

One way to think about this is to think of data as entries on a balance sheet. If data is an asset and the risks associated with data are liabilities then we can call the balance of these two the net value of data to an organization. 

As liabilities increase the net value goes down or even negative. As the organization implements strategies to reduce data liability, the net value of the asset goes up and data continues to help the organization succeed. 

Unfortunately, many organizations have given data liability little attention or investment even though many industry trends continue to drive up the data liability risk. Additional outsourcing requires more sharing with partners. The use of cloud and Software-as-a-Service means volumes of sensitive data are stored outside the corporate network. Increases in remote working models and bring your own device lead to many more interactions with less manageable systems. With all of these factors and more driving up data liabilities, it is less a question of “if” an issue will occur but more a question of “how often”and “how bad will it be.” 

To offset these risks, executive leadership, boards, managers, staff and business partners must take a proactive approach and substantially increase their level of attention and investment to Data Liability Protection (DLP). Through effective DLP strategies and focused attention, organizations can reduce their exposure to data liabilities and maintain a positive net value of their data and continue to leverage data to their advantage. 

Throughout the rest of this series we will explore these concepts in more detail and make recommendations for organizations on how to better protect themselves from data liabilities, to optimize the positive net value of their data.  

About the authors:

Zach Slayton is a Founding Partner of Triverus Consulting with over 20 years of experience delivering value to business through technology.

Carl Ascenzo is a Vice President at Triverus Consulting. His career includes leadership positions as a developer, investor, consultant and corporate customer whose current focus is on helping organizations mitigate the severe consequences of data liability.