Data governance and the harvesting and processing of information are important strategic processes with far-reaching consequences, impacting everything from business models to geopolitical balances.
Indeed, since the start of the Big Data revolution, the slogan “data is the new oil” has taken on growing importance. However, while it renders the idea, that statement lacks precision. Data are not only a consumable asset but can be utilized in myriad ways and, while oil has to be drilled and oil fields remain contested, data are frequently shared spontaneously by persons in exchange for services.
Therefore, given the facility of producing, replicating and sharing data, regulation is needed to protect end-users. As the scientists at the MIT Media Lab describe in “The Moral Machine Experiment”, the ethics involved are geography-specific; i.e. that “cultural clusters” come into play when it comes to deciding what is good and bad, right and wrong. Consequently, a one-size-fits-all, cross-cultural regulation is very difficult to design and, in fact, the regulatory approach of many governments has been highly variegated.
In this dynamic and frequently pioneering undertaking, the process of policymaking must seek to strike the right balance between under- and over-regulation. While under-regulation could deprive citizens of adequate protection, over-regulation could create obstacles to research and to firms’ ability to seize the opportunities typically offered by the data economy.
It is precisely those opportunities that mark a point of discontinuity with past technological revolutions. Indeed, the digital transformation that been underway for a long time now has consisted essentially of the acquisition of new digital technologies that improve business processes mainly by influencing operational models. By contrast, Artificial Intelligence (AI), the Internet of Things (IoT), the Industrial Internet of Things (IIoT), Cloud Computing – along with all the technologies that have simultaneously achieved a level of industrial maturity and constitute the natural data-value chain – are facilitating change at a much deeper level.
In the first place, they make it possible to bring value creation closer to end-users through complex clustering activities and the personalization of goods and services, even on a large scale (mass customization). Secondly, they affect not only operational models but also business models (business model revolution); this thanks to digital servitization, subscription-based-revenue models and, in general, the use of smart products as point of entry for customers to offer them personalized services. An example is mobility 2.0, which overturns the concept of automobile ownership by using the car itself as an entry point for the offer of smart mobility services.
The extensive use of sensors, the cloud for data processing and, in general, the need to use complex technological infrastructure to anchor services with added digital value, along with efforts to evolve their own business models, exposes firms to cyber threats; hence the need for a structural approach to protecting the firm’s data assets and ensuring business continuity.
Approaching the problem is anything but a simple matter however. As opposed to other types of problems that require initial investment and for which risk prevention is no longer a concern, the cyber space has recently been labelled an offense-persistent environment. One where attackers attempt to commandeer the systems of their victims, who are then forced to take increasingly advanced containment and remediation measures that resemble the very attacks to which they have been subject.
It is not enough to depend solely on human ability to ensure system security. The speed and variety of some attacks call for prompt identification and equally rapid strategies for dealing with the problem. Artificial Intelligence is an instrument that is, at least in part, able to respond to the needs of firms wanting to build secure, resilient systems. Yet attackers also use artificial intelligence to discover system architecture weaknesses, resulting in nothing less than an artificial intelligence battle to “capture the flag”.
Cyber security activities contribute significantly to the protection of citizen privacy. Indeed, their goal, along that of with regulatory activities, is to make the digital world safer and, by extension, more sustainable. Often, in fact, cyberattacks succeed due to the cultural weaknesses of their victims. Many of the problems associated with the incorrect use of digital instruments by minors is owed to the lack of digital skills of the adults that should be monitoring them. Moreover, digital technology and artificial intelligence are having a major impact on the green revolution, so it remains essential that these are allowed to continue to develop and to benefit us all, in the interests of social sustainability.