Does Obama’s Cybersecurity Executive Order Have Broader Big Data Implications?

In the wake of President Obama’s recent State of the Union Address, much of the buzz in enterprise technology circles has been around cybersecurity, and the impact of the President’s Executive Order on the IT industry. The President released an Executive Order on Cybersecurity on February 12th immediately following his address. Among the contents of the Order include the following statement, “It is the policy of the United States to enhance the security and resilience of the Nation’s critical infrastructure and to maintain a cyber environment that encourages efficiency, innovation, and economic prosperity while promoting safety, security, business confidentiality, privacy, and civil liberties.”

While much of the discussion is around protecting consumers and businesses in the wake of cyber threats, shoring up the nation’s cyber infrastructure, and preventing financial fraud related to e-commerce, eventually the conversation is going to move onto how this cybersecurity order applies to some of the emerging technologies that are spreading like wildfire throughout the enterprise. The implications are broad, and CIOs need to understand how they may eventually be infringing on the edicts of the Order with new technologies like Big Data.

Consider, for one, the potential that Big Data can unleash for the retail community as they make increasingly daring efforts to engage their customers. There is no denying that retailers have been capturing troves of data over time related to the purchasing habits of customers. Until very recently, much of this data has been locked away in legacy data stores and accessible only through interfaces that are created for specific roles within the company. Since the arrival of Big Data on the scene, and the emergence of incredibly powerful in-memory data storage (SAP’s HANA and Oracle’s Exalytics come to mind here) and affordable in-store network connectivity, suddenly there are opportunities for retailers to leverage their valuable data and turn it into actionable insight about customer behavior.

Now, instead of using point-of-sale or inventory data weeks after it is captured, retailers have the opportunity to leverage Wi-Fi and mobile networks and big data analytics to capture real-time customer behavior and send offers to customers while in-store, influencing the purchase as it is happening. Some of this is happening today, pushing the envelope of potential data privacy issues for consumers who don’t realize their every move can be tracked inside a store if they “sign in” with their mobile device upon entrance.

Moving beyond retail, there is another big data analytics technology that is gathering a lot of buzz of late. Raytheon, a global security firm headquartered in Massachusetts, has reportedly developed a software solution that offers “extreme-scale analytics,” named RIOT (Rapid Information Overlay Technology). According to the company, RIOT can gather and mine vast amounts of cyber data from popular social sites and geo-location services to track people’s online habits and predict future behavior. The technology was originally used by the U.S. government in 2010 to help build a national security system capable of analyzing trillions of pieces of cyberdata. Clearly, RIOT has applications across a broad set of industries, although Raytheon hasn’t sold the technology yet to any private companies.

But the mere presence of this type of technology raises many questions over the boundaries of big data uses in the mainstream. It is important for CIOs to develop policies around big data usage for employees, partners, and customers. The financial services and retail industries are most aware of the privacy laws that exist with regards to consumer data. But, the continually evolving uses of big data will draw other industries into the fold, many of whom are much less aware of the long-reaching implications. Therefore, understanding not only the potentials for big data but also the appropriate levels of governance and compliance will be key considerations for CIOs.