“The Most Valuable Commodity I Know of is Information.”
-Gordon Gecko, Wall Street (circa 1987)
It is true that the initial basis of this blog is quoting a fictional character from the 1980’s. However, is Gordon Gecko right? Is information the most valuable commodity? According to the Economist, the world’s most valuable commodity is no longer oil, but data. There are all kinds of claims about what actually is the world’s most valuable commodity. Time was a compelling argument, but the general consensus was that some form of data or information is the most important commodity of the Information Age. This is very interesting as there was a time where mere access to information was what separated rich and poor, and built in advantages for dynasties to continue generationally because the rich had access to gain knowledge that the poor did not. As information became more available, first in cheap printed materials and then in the form of the internet, learning and knowledge were largely democratized in the developed world.
So how could Information be the most valuable commodity if it is more available than ever? The law of supply and demand say that as supply increases, value decreases. In this blog, we will explore the difference between data and information, how each gets its value, how companies profit from it, and why InteliSecure has dedicated its entire business model to protecting it.
The Difference between Data and Information
There is a pyramid in common usage known as the DIKW pyramid, which posits that data is the least valuable, the easiest to gather, and
the most prevalent, while wisdom is the highest advancement of data and the most valuable outcome. You could argue that you cannot gain information, knowledge, or wisdom without first having data, which would support the idea that it could be the most valuable commodity as it is the building block for information, and that without it, there could be no information.
The pyramid views data as raw, unrefined and that it doesn’t mean anything by itself. It is just a collection of content with no applied context. By itself, it is useless. The thing about data though is that you can use it to extrapolate information.
Information is simply data organized in such a way that it can answer one or more of the interrogative questions of who, what, where, or how many. Data can also be turned into information when it is used to prove or disprove a hypothesis. In other words, data is the raw material that becomes information when insights are applied to it.
Moving up the pyramid, knowledge solves the more difficult questions such as know-how, building on information by allowing a subject to learn how to achieve an outcome in a repeatable way. This allows tasks to be repeated and eventually automated, which is very useful in the modern world.
At the top, wisdom represents a complete understanding of a subject including what is happening, how it happens, and why it happens. This is rare indeed. If you look at the human condition, we have observed what is happening in a lot of areas and in many of them we also know how something is happening, but in very few instances can we say we confidently know why something is happening. That deeper meaning of why is extraordinarily valuable.
Based on the above reasoning, we’re not asking the right question. Wisdom is more valuable than knowledge, knowledge is more valuable than information, and information is more valuable than data. Instead of asking which of the four is more valuable, we should be asking: Which is the commodity?
In general, commodities are raw materials. You don’t have to look any further than the floor of a commodities exchange to see that bacon is not a commodity but pork bellies are, plastics are not a commodity but oil is, etc. Commodities are the raw materials and if something must be refined, it is not a commodity. Therefore, data is a commodity and information is not. So, while information is not a commodity (Sorry, Mr. Gecko.) it is still valuable.
How Organizations Profit from Data and Information
Thomas Koulopoulas, founder of Delphi Group, has identified the concept of digital self, which succinctly explains the ways in which Facebook, Google, and others, are monetizing the vast amounts of data they are collecting with respect to users and behaviors:
“Clearly, nothing is free, it’s only the currency in which we pay that differs. While the price paid for the use of social media may not be coming out of your bank account, it is most certainly coming out of something that is quickly turning into the single most valuable long-term commodity of the 21st century-your digital self. Your digital self is the collection of data that intimately describes you in a way that makes it possible to model your current behaviors and to predict your future behaviors.”
In this concept, individuals have given organizations consent to monitor everything about them, who they are, where they’re from, what they like and don’t like, etc. Enough to build a profile and predict your behavior. Then, by applying the model for you against the models for thousands of others that share your demographic data, they can build models for behavior patterns and preferences for entire markets. The number of people and organizations that would pay for that extremely valuable information is vast. And none of that information can be created without collecting vast amounts of data. If you were to look at companies with the highest value in the economy you will find that the aggregate enterprise value of companies who rely on data as their primary commodity is much higher than the aggregate enterprise value of organizations relying on any other commodity. Therefore, it seems to be objectively true that data is the most valuable commodity.
So Why is Data Stolen so Often?
In short, because criminals can make a lot of money by doing so. But there are underlying factors that make data theft a popular activity. Many people will have differing opinions on the topic, but I have distilled my thoughts down to three distinct reasons.
First, data is easier to steal than any other valuable commodity. Think about it. How difficult would it be to steal oil? You would have to find where it is stored, figure out how to transport it, break into a secure facility, etc. In order to steal data, all you have to do is steal a password and connect to a network.
Second, the thieves value the data more than the people they are stealing it from. As a result, they are willing to spend more time and effort stealing data than people are willing to spend to defend it. In 2017, according to Security Intelligence, the global cost of cybercrime was just over $600 million. However, the same year, according to Information Age, the global proceeds from cybercrime were $1.5 trillion dollars. This means that for the same criminal acts, the cost to the victims was only 40% of the proceeds. If this calculation doesn’t change, it is unlikely that cybercrime will stop growing at its current rapid, rate.
Third, society is terrible at protecting data. Rules and regulations have not kept pace with technology. Some regulations like the European Union’s GDPR are starting to understand and address the problems associated with the Information Age, but the pace has been slow. The world’s largest economy, the United States, still lacks a comprehensive regulation to protect personal information.
The problem goes beyond regulations. Another reason we are terrible at protecting data is that organizations find it difficult to measure the ROI for data security investments and have begun to fall victim to the McNamara fallacy referenced by Douglas W. Hubbard in his book How to Measure Anything:
“The first step is to measure whatever can easily be measured. This is ok as far as it goes. The second step is to disregard that which can’t be easily measured or to give it an arbitrary quantitative value. This is artificial and misleading. The third step is to presume what can’t be measured easily isn’t important. This is blindness. The fourth step is to say what can’t easily be measured really doesn’t exist. This is suicide.”
-Charles Handy, The Empty Raincoat
Why we do What we do
Protecting data can be hard and many people don’t understand how to do it. At face value, it seems easy enough, but defining what data to protect can be deceptively difficult. Organizations simply don’t have the resources to protect all data equally. Those that think they can, or should, will probably fail. The deceptively difficult part of data protection revolves around the premise that not all data has the same monetary value. While all data should have some form of protection, the critical data that needs additional protection is that data that could have a substantial negative impact on the bottom line. Helping organizations develop security programs that identify those critical data assets and solve the three issues I mentioned above as to why data is stolen so readily is paramount in today’s interconnected world.
If data is our most valuable commodity, we as a society are failing miserably at protecting it. It is incumbent upon all of us for the sake of our coworkers, shareholders, and ourselves to ensure our organization is protecting data appropriately. You cannot protect everything, so you must distinguish what is critical from what is not. If you cannot accomplish either objective with your own resources, seek out help. The Information Economy depends on it.