Least capture is the new security principle you need to work to.

We are in a world where privacy regulations are giving control back to people, and imposing significant penalties on organisations that don’t adequately secure personally identifiable information.

There are only really two possible things your organisation can focus on to navigate this new landscape.

The first is to spend more on securing your data than you ever have before. This is the easy route – because greater magnitude of harm means greater risk mitigation expenditure. The maths is simple, the board will get it.

The second way is to reduce data capture to the bare minimum, and delete or anonymise what you’ve captured as soon as you can.

This isn’t easy: it requires your whole organisation to take a disciplined approach to data capture that recognises the new risks.

It requires questions like “why do we need that data to deliver our service, and for how long” to be asked and acted on as a matter of routine. If you’re doing really well, you’ll have a business case for every bit of data you capture that will also have a time value.

Innovative solutions will be required to gain the advantage of broad and long-term data capture, without incurring the liability, and without becoming a target.

The hardest part will be getting people to hit the delete button, because we’re used to hoarding, not minimalism. We’re convinced that data is the new oil, when it’s actually the new Plutonium, and needs to be handled like it.

There will be two types of organisations in the future – those who overspend on security, get nothing back on their investment and still get fined, and those who capture only what they have to, and innovate. The second way is better.

Author: Karl Melrose

Thinker about how to think about information governance, economics, security, risk, technology and incentives. Out to solve every optimising problem, out to make sure my thinking gets better, every day. Information Governance, Management and Records Management at informationgovernance.blog. Random thoughts at karlmelrose.blog
