Australian organisations have two key reasons to double down on data management

The bottom line is that more data creates both opportunity and risk.

Most Australian organisations realise their data has value, and that as data volumes continue to grow, this value will increase over time.

But data value for organisations is a double-edged sword. Data is valuable not only when it's in the hands of the organisation directly, but also in the hands of threat actors. 

Consistent breaches of Australian organisations has focused investment on data management from a security perspective. While this remains important, it is not necessarily setting organisations up to tap into the full spectrum of opportunities that may be present in their data.

Organisations need to find a balance between the competing priorities that are driving data management investments today. External assistance and expertise may be warranted to get that balance right.

Deriving direct value

Organisations have historically seen value in data from an internal reporting perspective, but trends over the past five years have elevated the role of data in decision-making.

The 'data as an asset' movement, for example, encouraged organisations to look at their data holdings in a new light. Organisations could coax valuable insights out of raw data that enabled them to strategise, better identify and exploit opportunities, and win in their respective market segments. An extension of this movement positioned data as "the most significant asset many organisations possess".

Theoretically, this recognition of the value of data should have translated into good custodianship behaviours around its storage and management, setting organisations up for future data-driven eras of business. And it did for some organisations - but adoption was not uniform. 

This has created an uneven playing field in the AI era that followed, where less than half of Australian organisations find themselves set up for success, while the majority are having to work harder to bring their data up to standard. 

A recent survey illustrates this divide. It found only 44% of Australian respondents have data available when they need it the majority of the time. 

On a global basis, more than three quarters (80%) of respondents to the survey also reported that the majority of their data is unstructured. This makes it harder for AI models to work with, and also poses greater risk as data volumes explode. 

Storing, managing and tagging data to ensure quality for use in AI models is only getting harder - and organisations that are not appropriately focused on proper data management and data quality risk minimising their ability to be data-driven and to use AI to make material gains.

Australian organisations are engaging third-party support to create uplifts in critical areas. The survey found 28% of IT leaders are seeking outside assistance to create scalable, future-proof hardware solutions; one in five are doing the same to reduce redundant, obsolete or trivial (ROT) data storage and to aid data preparation; while 23% are getting help with improving data processing.

But the ability to realise gains from data - and to effectively participate in the AI opportunity - is only one part of the story when it comes to why data management is of critical importance. The flipside is the need to protect it.

The value for threat actors

In the same timeframe that organisations and C-Level leaders recognised the value of internal data holdings, so have threat actors, and that is a simultaneous driver of data management activity in Australian organisations.

Part of this challenge is that data now lives everywhere, making it more complex than ever to manage and secure data, and easier than ever for bad actors to access, manipulate and hold data for ransom.

Whereas traditionally data - and access to it - was centralised and contained to an organisation's corporate network, today data is found in hybrid IT environments, both on-premises and in the cloud, and a distributed workforce is accessing those resources via corporate-owned and BYO devices. The perimeter has disappeared, and that makes both data management and security more complex and enterprise data more vulnerable. 

To uplift protections, organisations are advised to follow a five-step process. 

The first step is to identify your data assets, who has access to them and the risk that presents. This helps to determine what data is mission-critical and the level of investment required to store and protect your various data assets.

Step two is to work with an expert to create a data protection modernisation strategy that strengthens your operational resilience from edge to core. That should include implementing a reliable, secure data infrastructure spanning clouds and data centres, branch offices, and user devices like laptops and smartphones – wherever your associates use them.

Step three is to employ technology with the ability to create immutable, point-in-time copies of your data. This will aid rapid recovery if the organisation is hit with an attack in which data is deleted or changed. With an immutable snapshot of data, restoration is fast and simple.

The fourth step is to protect both production and backup data. Bad actors are now targeting enterprise backup data in addition to production data, so cybersecurity and resilience efforts must cover both.

Finally, organisations should aim to take advantage of AI tools to continually monitor for and identify threats to data holdings much faster. With AI, organisations can leverage lessons learned from past security incidents to predict and prevent future threats.