Vulnerability Management Blog

Data vs. Information

I’ve never much cared for the phrase “data-driven decision.”  It’s not that I endorse gut-level decision-making or shooting from the hip, but rather I take exception to the word “data” in this context.  In short, I think data is overrated.

SIEMs can produce millions of logs in a day, but that data, on its own, doesn’t help the enterprise reduce the risk of a successful cyber attack or identify one in progress.  Wall Street financial analysts can easily obtain reams of historical stock price data, but, in and of itself, those hundreds of thousands of lines of data are largely useless. Voter profile data is plentiful for political candidates, but the raw data enables no campaign to surgically target voters and optimize campaign resources to maximize votes.

The point is that data is just a list of numbers in rows and columns in a spreadsheet; the advent of “big data” only means those spreadsheets have gotten unimaginably larger as the world has become digitized.  We don’t need more data…we need more information.

I like to think of information as the combination of data and intelligence.  That intelligence can be good ol’ fashioned human beings, or state-of-the-art AI engines.  Either way, something has to be applied to the endless rows and columns that comprise today’s big data databases to make the data useful, actionable, and the trends and insights decipherable.

Delve is applying this principle to enterprise vulnerability management.  Identifying vulnerable servers or other IT assets has become table stakes today.  A list of assets, their vulnerabilities, and the public CVSS score is the “data” that is largely useless until some kind of intelligence can be applied to it, yielding actionable information.  Since patching is time-consuming and risky, providing an enterprise with a long list (hundreds or even thousands) of vulnerabilities with nothing more than a “good luck” wish is only marginally more valuable than providing no vulnerability management at all.

At Delve, we’re transforming common vulnerability data into actionable information, so IT teams know which vulnerabilities to address first:  the ones that will reduce their risk of a substantive breach the most.

One might say, in the critical world of vulnerability management, we’re replacing data-driven decision-making with information-driven decision-making.  I’m much more comfortable with that phraseology.
