• United States




Data is the new air

May 23, 20185 mins
Data and Information SecurityData ManagementPrivacy

Data is a catalyst of innovation, of disruption and of possibilities. However, we still need to learn how to harness data and the internet for positive benefit. In the data we generate, there also is great risk. We need to understand both and plot our digital pathways accordingly.

In the infancy of any technology, there are going to be teachable moments. Prehistoric man’s mastery of fire didn’t come without a few scorched fingers and the occasional multi-acre conflagration. As a species, our taming of fire and combustion enabled innovations in everything from cooking to metallurgy to transportation, to an array of other endeavors. Those innovations, however, required a continuous process for humans to learn and establish capabilities to control fire, to use it appropriately, and to make it work for humanity’s benefit.

What the discovery of fire meant to ancient humankind, the internet is to our modern world: a reshaping force that has reconfigured the ways in which we interact and innovate. And—like our forebearers—we are still singeing our hands a bit as we learn to operate appropriately in our evolving digital society. No matter whether we are enterprises or individuals, we must continue to develop and mature our capabilities to embrace and cope with new technologies and the resulting data that offer so much positive potential.

Data is not the new “oil” anymore. Data is the new “air.” It has become more than economic fuel; it is a catalyst of innovation, of disruption, and of possibilities. However, it’s never a guarantee that all innovations, disruptions and possibilities will be positive ones. Creating fire was one of early humanity’s greatest accomplishments. It also made arson possible. We still need to learn how to harness data and the internet for positive benefit—as well as to manage and mitigate its risks. In the data we generate, just as there is great value, there also is great risk. We need to understand both and plot our digital pathways accordingly.

Zuckerberg’s testimony spotlights the need for national — and even global — discussion

Facebook CEO Mark Zuckerberg’s moments on Capitol Hill last month made our need to digitally evolve even more stark. His testimony made the spotlight already focused on data and privacy even brighter. If nothing else was accomplished by his interactions with Congress, he has surfaced important and thought-provoking issues worthy of continued discussion—discussion that needs the active participation of policymakers, regulators, industry executives, academic leaders and individual citizens concerned about the use of their personal data.

Zuckerberg’s appearance in Washington, DC came in the aftermath of a data scandal involving a UK-based political data firm that improperly accessed data of millions of Facebook users. Pointing a finger at Facebook and asking, “How did this happen?” may feel cathartic, but it misses the larger point. This happened because the digital world in which we are now living continues to evolve faster than we have developed internationally accepted standards. This happened because, absent of such standards, evolution within the global regulatory and public policy realm has been unable to keep pace with the rapid advancement of technology. 

Admission, responsibility and a promise for the future

During his testimony, Zuckerberg admitted mistakes, accepted responsibility, and promised to do better—and then was grilled about many of those mistakes and the path forward. While Facebook has pledged expanded efforts to protect its users’ data, including giving users a better understanding of which apps can access their data and providing developers less access to data without users’ expressed consent, the revised approach going forward should not be Facebook’s responsibility alone. We, as individuals, have to accept some responsibility, too. In an odd sort of way, people have become data-driven companies in their own right. We must be proactive in the protection of our personal information, profiles, data and privacy rights.

The urgent need for sound data protection has reached new heights globally thanks to the arrival of the long-anticipated General Data Protection Regulation (GDPR), which is now in effect. ISACA research conducted in the weeks leading up to the deadline shows that prioritizing GDPR compliance among other business priorities is among the leading challenges that organizations face. While balancing enterprise priorities amid a disruptive and fast-evolving technology landscape is no easy task, protecting customers’ personal information — whether mandated by GDPR or otherwise — must be a priority, and therefore not relegated to being treated as a secondary consideration.

Treating data with the right policies and regulations that benefit us all

Data is the new air, and leveraging its positive potential is essential to catalyze innovation, progress, and to create new value. To inspire assurance and confidence that the appropriate data protection efforts are in place, implementation of more rigorous and robust information/data governance is not an option; it has become a must. We may also need consensus-based standards to shape the right governance environment, ultimately making it easier to comply with any new policies and regulations that will come forward in the future. Without these conditions in place and lacking a collective commitment to collaboration, breathing this new air will become far more difficult.


Matt Loeb, CGEIT, FASAE, CAE, is the CEO of ISACA, which serves 159,000 professionals with expertise in audit, assurance, security, privacy and risk. Prior to joining ISACA, Loeb was staff executive for the Institute of Electrical and Electronics Engineers (IEEE) and the executive director of the IEEE Foundation. His professional experience includes enterprise strategy, corporate development, global business operations, governance, publishing, sales, marketing, product development and acquisitions functions in a variety of for-profit and nonprofit organizations.

In 2016, Matt named a Fellow of the American Society of Association Executives (ASAE). He is one of only 251 individuals to receive this recognition since the program’s inception 30 years ago. This industry recognition is bestowed on fewer than 1 percent of those working in the nonprofit industry. He was also selected by the National Association of Corporate Directors (NACD) as one of the top 100 Directors for 2016, and honored for this recognition at NACD’s annual Directorship 100 event in New York City in November.

Matt has been on numerous corporate for-profit and non-profit Boards. He currently serves as board chair of Pittsburgh-based Clearmodel, as a director on the Board of the American Society of Association Executives and the ASAE Foundation, both of which are based in Washington, DC, and as a trustee of Excelsior College located in Albany, NY.

The opinions expressed in this blog are those of Matt Loeb and do not necessarily represent those of IDG Communications, Inc., its parent, subsidiary or affiliated companies.

More from this author