Using Big Data to identify threats
Probably one of the most recognised but least understood disruptive technologies for Risk Management in the 2020’s is Risk Identification using Big Data.
This week I look at No. 9 – Using Big Data to identify trends and evolving risks.
To recap on the lead-in article in this series “The Top 10 Disruptive Technologies in the 2020s”, the Word Economic Forum 2018 Global Risks Report urged the need for “individuals and organizations to think critically and creatively about how they can respond to a rapidly evolving risks”.
Big Data provides the single greatest opportunity for identifying trends and evolving risks.
What is Big Data?
Big Data is the aggregation and analyses of the huge masses of public data (and not so publicly) available in cloud. Most of this is unstructured data (i.e. documents and articles) from published research papers, government stats, transport & power usage, social media chatter, the news, announcements, and rumours in the press, or even information from competitors’ websites. More often than not, it is also generated as a by-product of other applications or activities, such as cloud based CRM or accounting system. Leaving aside its legal, ethical, and sovereignty issues, a number of large on-line software providers are aggregating the statistics of your data and usage, which makes it anonymous, and then provide it for consumption thru Big Data. You will be astounded by the wealth of free big data sets available, just Google: free big data sources.
How do you know what’s relevant?
Companies like Google and PeopleSoft have developed extensive metrics and demographics on data in the cloud, based on who accesses it and its relationship to other data found useful in the similar searches. This is identified based on the length of time spent at that document and repeat visits by a large volume of users using similar searches. It’s not based on “meta-data” or SEO engineering.
How do you use Big Data?
The most common way of accessing Big Data is using the Hadoop technology. Hadoop is an open source (public domain) framework that allows the processing and storage of extremely large data sets in a distributed computing environment. It provides a method of aggregating multiple data sources then extracting meaningful results from simple queries, much like you would use to find internal sales figures, but from worldwide activity for your selected demographics (locale, target group, activity, sentiment, etc.). This is the innovation that moved that masses of data on the internet from being an obstacle to a disruptive resource. There are numerous 3rd party software packages available to facilitate establishing a Hadoop data lake.
Be aware! Big Data is its own discipline and shouldn’t be combined or confused with Analytics. Just as you don’t start building a house before you design it, and design and carpentry disciplines are not interchangeable, so too is Big Data and Analytics. Big Data is infrastructure while Analytics is consumption. Your aim with Big Data is to establish a comprehensive Data Inventory including external sources, followed by establishing a good Data Governance framework to ensure confident in that data before you start making assumptions based on it.
Why use Big Data for Risk Management?
Big Data can be used to extract risk collateral but more importantly, for identifying threats and evolving risks. Traditional risk management systems rely almost exclusively on risk reviews to identify threats and evolving risks, which is both ineffective and subject to bias. People don’t know what they don’t know.
To be usable for analytics, academics refer to the need to identify the “data journey” with lots of “touch points” (data point sources).
If you have moved from the unproductive Risk Register based risk management to Scenario based risk event management (see Using Scenario Analysis for Risk Based Decision Making), you now have identified both the journey (the scenario steps) and the touch points (the drivers and influences on risk events). Against these you can set Hadoop queries that will monitor any activities that affect those scenarios. This is how you identify trends and evolving risks.
Here is an example that comes from an HBR article “Don’t Let Data Paralysis Stand Between You And Your Customers” By Harald Fanderl:
“One bank, for instance, was looking for ways to use big data to spot early indications of loss risk in its small business lending and service operations. Touchpoint data revealed subtle changes in customer behavior that raised questions in the fraud team’s mind. It was only when the team connected the dots across touchpoints, however, that the bank discovered behavior patterns that highly correlated with imminent risk of default. These included changed behaviors in online account checking frequency, number and type of call center inquiries and branch visits, and credit line use. Analyzing those complex patterns allowed the bank to develop an early warning system that flagged high-risk customers.
Big data harbors big opportunities to improve customer journeys and value. What it requires is a commitment to focus on what really matters.”
According to Gartner 70% of big data initiatives have not moved past the “pilot” phase, i.e. fail. This is because they are really IT playing with concepts not solving real problems. A Big Data project must be based on identifying the drivers & influences that affect risk then identify Big Data sources to measure those influences. Next ensure confidence in that data thru a stringent data governance regime testing quality, accuracy, bias, and consistency before thinking about analytics. Ensure you have a corporate policies on its selection and use.
Using Big Data to identify trends and evolving risks
The beauty in this is that instead of you relying on an individual within your organization to identify an evolving risk to your business, the “wisdom of the crowd” identifies the threats posed by world or local events which can be matched, thru Big Data, against the identified risk drivers and influences within your risk scenarios.
These Hadoop queries are relatively easy to develop and consume using currently available desktop Analytics tools like Google Analytics, PowerBI and even Excel. Coupled with modern ERM software that provides KRI monitoring tools with trigger notifications, operational management can be notified of an identified evolving risk, presented with the applicable scenarios, and utilize Predictive Analytics (this will be a subject on its own in an upcoming article) to evaluate and test possible courses of action. This provides them with invaluable collateral for informed decision making. Practical and value-adding risk management.
Next week I will look at No. 8 – “Using Neural Networking to identify and map Risk interrelationships”, in more detail.