4 Things the Avengers Can Teach Enterprises About Data Security
Already one of the highest-grossing films of all time, Avengers: Infinity War offers plenty of superhero bang for your buck. But unlike your typical summer popcorn flick, the latest Marvel Comics convergence also offers some surprising lessons about data security. That’s right, data security.
You may not have to protect the universe from Thanos, the most epic bad guy in the Marvel universe, but defending your organization (and your customers) from data security threats is pretty heroic too. So, what can an epic battle between Thanos and Marvel superheroes teach you about how to keep enterprise data safe? Read on to find out. (Unless you haven’t seen the movie yet. If that’s the case, be warned: spoilers abound!)
Lesson #1: New Villains Require a New Way of Thinking
Avengers: Infinity War introduces viewers to a new villain, and he’s the biggest, baddest bad guy Marvel fans have ever seen. Thanos is a complex villain, combining many of the characteristics of bad guys who came before him into a single evil being. Thanos isn’t satisfied with the idea of wiping out a single continent or even a planet—his goal is to wipe out half of an entire universe. While Thanos may seem larger than life, when it comes to sensitive data, enterprises too must deal with a threat landscape that is more fraught than ever before.
Much like the destruction that Thanos left in his wake, no stat can truly capture the full impact of a data breach. In addition to penalties and lost customers, the broken trust and reputational damage that follows a data breach can plague organizations for years. The introduction of new compliance requirements such as the European General Data Protection Regulation (GDPR) adds yet another threat to enterprises, as failure to identify personal information (PII), which is often buried within unstructured data, carries hefty new fines.
Lesson #2: You Can’t See into the Future, But You Can Gain Visibility in Other Ways
In an attempt to best Thanos in a fight, Doctor Strange uses the Time Stone to see into the future. But everyday mortals don’t have the gift of seeing what will come to pass, and therefore must use the means they do have for improved visibility into the risks that their data presents.
If 90 percent of data is unstructured—meaning the information within documents can’t be accessed due to differing formats, locations, and other factors—then it follows that most organizations lack crucial visibility into what they need to protect. Improving this visibility is a vital first step in a robust data security strategy.
Organizations can transform unstructured data by converting it into uniform formats from which data can be extracted and classified. This requires technologies such as Optical Character Recognition (OCR), which transforms image-based documents into readily searchable data, and data extraction tools. Next, Progressive Document Classification can eliminate the manual work of organizing all of that data, using clustering and rules-based classifiers to process massive volumes of unstructured data that exists across multiple lines of business.
As in the Avengers, better visibility is a crucial precursor to defending against the bad guys. In the case of data security, any data management plan is contingent upon understanding the data your company possesses so that it can be managed and leveraged appropriately.
Lesson #3: The Avengers (and Data Security) is About Working Together
At its core, the Avengers series is about teamwork. Though each superhero (and his or her powers) is franchise-worthy in their own right, combined, these individuals are an epic force. Similarly, data management and security must be approached holistically within companies, with every team and department participating in the same enterprise-wide approach. A disjointed approach to data management increases the volume of unstructured data, growing room for errors and data mishandling.
Recently, Experian conducted a survey to explore global trends in data quality, and how enterprises and data practitioners are leveraging their information assets to derive meaningful, actionable insights.
What’s more, unified data management not only helps enterprises reduce data security risks, but it also allows them to harness their data insight superpowers to increase revenue, improve efficiencies, and better serve customers.
Lesson #4: (Major Spoiler Alert!) Sometimes the Bad Guys Win, But You Can Mitigate the Fallout
Without going into too many details, Avengers: Infinity War does not end well for our superhero team. And, given the growing threat landscape, it’s possible that even well-prepared and protected organizations can experience a data breach. Based on the annual cost of the data breach review cited in Ponemon Institute’s 2017 Cost of Data Breach Study, organizations face a 27.7 percent risk of experiencing a breach within the next 24 months. This doesn’t mean data management strategies are futile. In fact, data classification was identified as one of the top factors that can reduce the cost of a data breach. How? Because having data repositories that are well organized makes it easier to identify and contain leaks, whereas messy, unstructured data stores make it difficult to know what was compromised. In short, the better organized your data, the better your ability to spot and contain a breach.
In Avengers: Infinity War, the Marvel superheroes face a foe unlike any they’ve encountered before. But they rally with heart and teamwork to fight their best fight, as can businesses in the battle for total data security. The good guys might not always win—and data breaches can occur despite state-of-the-art protections—but planning for the worst-case scenario can help enterprises reduce the fallout.