Information management can significantly boost performance and prevent damaging losses, but make sure to consider all elements for maximum affect.
Cyber security has been a top 5 concern for the ‘C suite’ for a long time, and with 625,000 known crimes a month in the UK alone according to a recent Computer weekly article, and a global value of $400bn in 2014 according to Mcafee, so it should be. But cyber security should be just one element of an overall information management strategy, which if managed correctly can enhance the bottom line as well as protect it.
In my recent article on corporate services, I placed information as one of the 6 ownership areas of the corporate services function within the investment model. The reason for this is that information management is one of the key success criteria for the other 5 areas. Information management is made up of four components; Information Technology and Information Systems support enabling technologies, Information Quality and Information Security support functional ownership and control.
This is the technical platform on which technologies operate. Classically, these are the servers and associated operating platforms, plus hardware such as laptops, desktops, tablets and communications.
These are the applications used to undertake activities with data, and provide the user with the interfaces to perform actions to add, change and view both raw and calculated data.
The goal of information quality is to collect and qualify the data against quality measures such as data standards, convert to information, and present as intelligence through information systems.
To qualify as ‘quality information’ it needs to be accurate, follow a standard syntax, and have complete and accurate metadata tags. This is essential in data analysis, as patterns can be formed from multiple data sets to provide information for intelligent decision making.
Improving the quality of information should be at the heart of the proactive information management strategy, as intelligent decisions are only as good as the quality of data that form the basis for decision making.
Information quality will play a more vital role as we move toward digital transformation. Expenditure on this aspect of information management should increase to make best use of technological advances in this area.
The goal of information security is to educate, detect, respond, control, and prevent leakage.
The ‘educate’ part is very important and often overlooked. Over recent years of being involved in Information security programs, I have become more aware of people in everyday situations (on the train, in a restaurant) who are either talking openly to a friend or colleague directly or on the phone and unwittingly giving away secure information. Added to that is the ease with which passwords can be guessed (‘12345’ and ‘Password’ are still 2 of the top 5 passwords used today), and it gives activists the information they require without any hacking or phishing involved.
Prevention is where businesses spend most of their effort. A recent report from CFO magazine in conjunction with UnitedLex places this at nearly two thirds of the increasing cyber security budget. But if equal weight were to be applied to all aspects of information security, then cyber security would be more controlled and successful.
Information management investment
Effective information management requires intelligent investment based on a sound strategy. It should be a strategy that delivers the right enabling technologies (technology and systems) with functional ownership of positive (quality) and negative (security) information.
If companies are to take advantage of improvements in enabling technologies, in particular the advances allowing digital transformation, then investment in information quality should be increased to reap the benefits.
Cyber security may be the element that has grabbed the headlines, but a balanced effort on all aspects of information security is a more efficient investment.
Please connect using;