Can You Have Both an Offensive vs. Defensive Data Strategy?

It’s widely accepted that limited time and resources force organizations to make trade-offs between offense and defense when implementing their data strategy. With the technological shifts of the last few years, this may no longer be true.

The Data Management Body of Knowledge defines data strategy as “a set of choices and decisions that together, chart a high-level course of action to achieve high-level goals.” Data strategy sits at a critical spot within any organization, as it dictates what you do with data to reach the business outcomes you want to achieve. When deciding your data strategy, you must take into account things like your regulatory environment, current infrastructure, and the limits on what you’re able to do with data.

In an article published in the Harvard Business Review, the authors view data strategy as a scale with two sides: offense and defense. Offensive data strategies focus on getting value out of data to build better products, improve your competitive position, and improve profitability, while defensive strategies focus more on risk mitigation, data security, and regulatory compliance. An organization must make considered trade-offs between offense and defense, the authors propose, as these are opposing viewpoints vying for limited resources and attempting to accomplish all of your offensive and defensive goals is akin to having your cake and eating it too.

Here’s the thing: we disagree.

The Harvard Business Review article was published back in 2017, before the privacy regulations we know and love today came into effect, before 2020’s massive shift to the cloud, and before data solidified itself as the critical new trend. The world has changed since then, yet this viewpoint is still echoed as true by data governance and data management leaders. It’s time to refresh our way of thinking. Here’s what we know:

Offense is Easier Than Ever

Hardly anyone knew the name “Snowflake” in 2017, and in 2020 the Cloud Data Platform became the largest IPO by a software company U.S. history. They did so by offering a simple way for organizations to store and analyze huge amounts of information. They’re not alone, either. Companies like Fivetran and Matillion make it easy to load data into cloud data platforms like Snowflake, while those like Thoughtspot and Looker allow you to extract value from data within those platforms better than ever before. With the shift to the cloud, it’s easier than ever to implement an offensive data strategy. Unfortunately, new and increasing privacy regulations mean your focus is forced elsewhere.

You Must Focus on Defense

The Harvard Business Review article was right when it said companies in highly regulated environments must focus on defensive data strategies. What wasn’t accounted for in 2017 were the sweeping privacy regulations that have come into effect around the globe. Now, every company is a regulated company and must spend time and resources implementing a defensive data strategy to avoid the costly penalties that come with a data breach. So, if you must focus on defense, is there a way to somehow get the best of both worlds?

The Key is Simplicity

Defensive strategies must take a page out of the offensive playbook and implement tools for risk mitigation, data governance, and data security as simply as possible. If tools can be implemented as services, without requiring resources to install and maintain, your team can accomplish both your offensive and defensive goals. Further, tools that can mitigate the risk of credentialed threats through proactive security allow you to enhance your offensive capabilities by moving more sensitive workloads to the cloud and sharing data with more teams.

You Can Have Both

You no longer have to make considered trade-offs between offensive and defensive data strategies. By implementing a defensive data strategy that mirrors the simplicity of your offensive tools, you can actually increase your ability to get value out of data. SaaS-based technologies like ALTR’s cloud platform allow you to mitigate data risk while moving sensitive data to cloud data platforms, enabling business teams to get more value by combining datasets. In this case, you truly can have your cake and eat it too.

Share this post

Pete Martin

Pete Martin

Pete is a co-founder and Director of Product Marketing at ALTR. He is passionate about enabling organizations to become more data-driven through simplifying governance and security. Pete is also a very happy husband and father, and can be found flying planes on sunny days.

scroll to top