Whether or not you agree with the tired metaphor "data is the new oil" this opinion by John Naughton offers an interesting perspective on it in the wake of the unprecedented British Airways GDPR fine.
Most people agree that possession of masses of data is considered a valuable asset for tech companies fortunate enough to hold it, and that regardless of whether they count it explicitly as an asset on their balance sheets, practically it provides a powerful barrier to entry for competitors and start-ups. But isn't there a risk that large amounts of data could actually be a huge liability for businesses unable to protect it? Similar to the effect of the "Keep it in the Ground" campaign on fossil fuel reserves, what if investors were to look cautiously at troves of data?
For businesses to really reap the benefits from holding data, information security must be a top priority for boards and executives. There's probably no other operational matter with the same potential to affect a company's growth, reputation, innovation and investor relations. Directors and executives don't need to become technology experts, but (if they don't already) they need to understand that information security is vital to modern business - both in terms of risks and opportunities - and should enable their operational teams to ensure appropriate measures are in place.