How to monitor data in a business context?
There is a gap between business and information security. Despite good intentions, information and cyber security are still often focused on protecting networks and data resources on a technical level. And this is important work, but it shouldn’t be the main point. Beneath all the technical layers, what really matters is the contingency and integrity of key business processes. This is essentially what all the technological solutions should be working towards securing. So how can we see that this is really happening? Rather, how do we build situational awareness regarding our key business processes?
Situational awareness can be described as an analytical approach towards organising available information to reach the most appropriate conclusions, and to act correctly based on the information and analysis. On a theoretical level, the process can be divided into three consecutive steps: perception, comprehension and projection.
A shared dashboard provides a group of people with the possibility to perceive the same things. However, data collection and organizing alone is not enough. Having a beautifully designed graphical dashboard providing a detailed near real-time representation of data flows and system states can in the worst-case lead into a false sense of security. Why so? Because of the lack of context.
Perceived information can have different meanings to people with different backgrounds, skillsets and interests. So different people perceive the same information, but interpret it differently due to variations in their personal context, thus altering individual comprehension. Since comprehension paves way for projection, i.e. making decisions based on the information, this can have grave consequences.
When seeing a red light at an intersection, everyone with a driver’s license will instantly know to interpret it as a signal to stop and will hit the brakes. When reading about alarming trends in the stock market, a CEO will take much more time and consideration to decide on the actions that should be taken based on the information. A red traffic light at an intersection is interpreted in a shared context, but signals with more complicated backgrounds and potential outcomes can be interpreted in many ways. The perceived information may be the same for everyone, but the level of knowledge and point of view on the subject affect the comprehension a great deal. So, what does this mean regarding business data and the integrity of business processes?
Besides technical integrity, proper business context is required to establish that the data is correct also from a business point of view. And this is where cooperation and a shared context is required from both security and business oriented people. Because as said, behind all the technical jargon and quality lingo, what we are really trying to ensure is that the data acts and flows as intended for business to run smoothly. This is a goal shared by business and security people alike.
This has been the founding idea of Huginn. Named after the all-seeing servant of the Norse god Odin, Huginn is a real-time data integrity monitoring solution which hooks up to data sources and monitors business processes. Instead of technical integrity, it monitors that the data acts and behaves correctly in the business context. If changes that occur in the data are not in accordance with the defined processes, Huginn provides real-time notification and visibility to the issue.
This enables you to minimise mistakes and errors in your core data, notice attempts to manipulate your data, and provide real-time assurance on legal and regulatory compliance. Notice how these benefits are not limited to just alarms on a dashboard, but offer something concrete for people across different areas of business to act upon.
Whether it is weak processes, human error, or cyber threats that have a negative impact on your data and business processes, Huginn will give you the chance to act upon them. This is something that can be leveraged for the benefit of the company at all levels. And this is what we mean by integrating security with business.
