Business risk is not just a headache for the security team. Increasingly, the whole organization, from entry level graduates right through to the Board, weigh their decisions now on the element of risk that comes hand in hand with the digitization of the industry, and the data alongside it. But data can also be used to minimize that risk. Whether through intelligence, preparedness, policy or categorization, technology leaders are becoming more proactive in this space.
In Using Data to Minimize Risk, Bloomberg Live’s Sasha Qadri moderates a debate between Andy Ng, Partner, Cyber, EY, David Germain, Group CIO, RSA, Alison Davis, CIO, The Natural History Museum, Natascha Polderman, IT Director, Schillings, and Freddie Quek, CTO, Times Higher Education, as they bring along with them some fascinating case study material on this vital topic.
Data risk policies
Setting the context of the debate, Andy acknowledged that every sector, from his perspective, is moving in the same direction, when it comes to security policy. The differences in pace arise when we consider how those policies are enforced, where that data comes from and goes, and to what extent that company is leveraging technologies to automate enough of the tasks to help people concentrate on the contextual, complex data sets.
The Natural History Museum falls squarely in the advanced camp, in this context, as Alison explained.
“There are three areas of use for our data which have been critical for us,” she said. “The first has been our response to Covid19.”
The Museum is partly funded by donations. Successive lockdowns have been severely damaging to the bottom line of this institution and subsequent social distancing measures impacted the number of people in the Museum at any one time. Alison and her team have been gathering insights on the museum layout and the maximum number of people they can have in one sitting, whilst adhering to the then current policies, maximizing the use of the space and amount of money they can raise.
“The second area is protecting our 80 million-strong collection,” she continued. “We’re using data and AI to look at pest management and whether we can predict the trends around what pests attack what, and when. Visitors can also carry pests on them too and we want to be able to forecast these issues to help us better prepare for attack, and protect specimens.”
The third area, she concluded, was in the vast arena of research data from its 300 scientists. They launched the biodiversity trends explorer portal for policy makers to understand biodiversity indicators, amongst others, which was an incredibly data-intensive program.
Other sectors are just as beholden to data. Insurance, as David explained, relies on data to inform policy holders of the best use of products and risk ratings, giving consumers the best choice possible.
“We work in what’s called an integrated high transaction environment,” said David, “and it’s very competitive.
“Data is the competitive advantage and we’ve bet heavily on creating an analytics-driven environment for our rism team. That means exploiting third party data and enriching it with our own to get a more balanced view of the world. We utilize different machine learning platforms to conjure up models on that data and repeat them under different scenarios, such as natural disasters. It’s all about the advantages.”
Commenting on Alison’s point about visitor numbers, Freddie, The Times Higher Education, made the point that for most digital businesses today, clicks were their footfall. And, given the sheer power of companies like Google on the click-through rate of websites, understanding the data behind their algorithms was becoming a competitive advantage.
“Externally, we also launched a new product,” he continued. “It was an impact dashboard to help higher education institutions measure themselves against the UN’s SDG’s, a macro view on the subject they otherwise would not normally see. The reason is because we conducted a student survey that told us one of their main considerations for choosing a university were those goals.”
Right to privacy
And within another sector once more, Natascha of law firm Schillings delved into a different subject area within the data-risk profile.
“What I really like about Schillings is we believe passionately that everyone has a right to privacy.
“We help clients manage their online reputation, cases of false content and we protect their digital health. We review data from individuals, families, companies and the links between all of them, because when you’re dealing with large quantities of data you’re more than likely dealing with hidden sources.”
Natascha joined the firm only recently, and quickly set about minimizing the amount of data they were using—she didn’t want that risk to jeopardize the organization—and quicken the process of finding answers for clients.
The team brought in a platform which aggregated data from different sources, allowing them to link only the data they need to make decisions in an easily accessible, visual way. This, she explained, allowed investigators to spend more of their time solving problems, not collecting data.
This roundtable was sponsored by Tanium.