Cyber Defense Magazine: A PETs-Enabled Path to Secure & Private Data Monetization

Excerpt:

Large enterprise organizations are always looking for ways to create new revenue streams and that’s never more true than today. One approach to finding such opportunities is to assess internal data holdings and explore how those existing assets might be further leveraged. In today’s environment, almost any piece of data can be monetized and organizations are increasingly pursuing avenues to turn their data into revenue-generating products and services. And such efforts may benefit more than just the near-term bottom line: research suggests that businesses that work to monetize data assets outperform those who do not.

But while data is both a competitive asset and potentially lucrative revenue generator, it can also be a risk trigger. According to Accenture’s Technology Vision survey, 81 percent of executives agree that as the business value of data grows, the risks companies face from the improper handling of data grow exponentially. Leveraging data assets for monetization purposes can introduce privacy challenges and security vulnerabilities that traditional risk-mitigation strategies are often not designed to address. In order to overcome such barriers, organizations are increasingly asking, “How can we create revenue while respecting the security and the privacy of existing data assets, and protecting the interests of those who wish to leverage our data?” There is good news for these exploratory organizations: technology is now ready to provide a practical, scalable answer.

Advances in a category of solutions known as Privacy Enhancing Technologies (PETs) are changing the game for unlocking data value by facilitating the secure and private usage of data. These technologies — which include homomorphic encryption, secure multiparty computation, and trusted execution environments, among others — allow businesses to responsibly monetize existing data assets by respecting the privacy of both the customers using the monetization service and the data itself. It is critical that data owners consider both of these components, the data and participants, or the risks associated with monetization may outweigh the benefits.

At the core of any effective monetization strategy is the holistic security and governance of the data itself. Some organizations are working to address this issue by adopting a data-centric approach to security, focusing on the security of the data rather than just the networks, servers, and applications it resides on. The goal of this holistic approach is to protect data wherever it is within an organization, whether at rest on the file system, moving through the network, or while it’s actually being used or processed, as represented in the Data Security Triad. If there is data of value at stake, it must be protected at all times.

While Data at Rest and Data in Transit are commonly protected using standard data and transport encryption, the Data in Use segment is frequently overlooked by many organizations. Protecting data while it's being used is especially of critical importance when it comes to leveraging data for monetization purposes. PETs solutions are uniquely positioned to address these Data in Use vulnerabilities because they can allow sensitive or regulated data to be securely processed and in a privacy-preserving manner without the risk of exposure. With PETs, organizations can analyze, use, and provide access to data assets in ways that may have previously been determined to be too risky, especially if that data is to be shared with a third party.

Read the full Cyber Defense Magazine article.