Johannesburg, 30 Jan 2024
As data becomes ever more valuable to business, but increasingly difficult to protect, organisations need to adopt Data Security Posture Management (DSPM) – a holistic approach to protecting data across environments.
This is according to security and data protection specialists participating in a webinar on DSPM, hosted by Rubrik and ITWeb.
Richard Cassidy, field CISO, advisor, Forbes Technology Council member, cyber security & resilience expert at Rubrik, said: “Organisations’ data is growing at an astonishing rate. If we continue on the current trajectory, data silos will be five times larger than they are now, in just two to three years. Rubrik’s Zero Labs research has found that 98% of organisations have significant data visibility challenges, so they are having to accept more risk than they normally would. A typical global organisation’s data has grown by 73% in the cloud in the past 18 months. Almost two-thirds of security leaders say their data growth has outpaced their ability to secure and manage risk.”
At the same time, adversaries are becoming more effective, he said. “They are using AI, GenAI and automation and so they are capable of doing a lot more in less time. Modern attackers aren’t breaking in – they’re logging in. It has become much easier to convince users to pass on sensitive data and credentials through hyper-personalised phishing attacks,” Cassidy said.
Organisations have had to depend on frameworks and regulations to mitigate risk, he said. However, with frameworks and regulations, there may be overlaps, ambiguity and challenges in balancing compliance, technology decisions and business operations. The cloud adds to the complexity, he noted. Cloud data is hard to secure due to factors like rapid growth, multifaceted ecosystems, a range of vendor-specific tools and limited visibility into full data flows and access patterns. In the cloud, there are also compliance variability and governance gaps.
Cassidy said: “Many CISOs don’t fully understand what data they are protecting, where the data and user assets reside and where the sensitive and PII data is, or who – or what – they are protecting the assets from. They also need to know who is accessing the data and where the data is going.”
Bernard Chadenga, virtual CISO at The Cimplicity Institute, noted: “Many organisations have a data invisibility challenge. We have become packrats since the ‘big data rush’ started. We keep every single thread of data – but we don’t know where we put it. One of the biggest challenges when a breach occurs is not knowing what was taken.”
Camiel Govinsammy, cyber security advisory, data protection and IAM at the office of the CCSO in the Sasol Group, added: “Third-party risk adds to the complexity of protecting data. It is important to understand the flow of data to third parties and what due diligence processes they have in place to manage your data. Since the work-from-home explosion moved the parameters on how we need to protect data, we now need to understand where the data flows – to third parties and customers – and how it is being accessed.”
Megaree Naraidoo, head of security, governance, risk and compliance at Bayport Financial Services, added: “Security is everybody’s business, and so is data. We need to look at it holistically, understanding value and risk around data. Proper governance, risk and compliance would increase visibility into the threat landscape, but there is no silver bullet for data protection. Multiple solutions need to work together.”
Cassidy said DSPM offered a better model for protecting data. “Gartner sees DSPM as a transformational technology that can have a significant impact on protecting data. DSPM gives visibility on where sensitive data is, who has access to it, how it has been used, and the security posture of the data store or application. It encompasses data landscape intelligence, data access governance, data detection and response, and privacy and compliance,” he explained.
He added: “It’s not enough to look at data in motion, we also need to look at data at rest. Organisations need to use technologies like AI to hyper-enable their ability to identify risks, protect, detect, respond and recover from breaches, and govern data across multi-cloud environments.”
“Rubrik is applying this to cloud environments, to deliver DSPM functionality for all workloads. It is an API integration into cloud workloads to discover all data, monitor how users are accessing it on a continuous basis, and identify anomalies. It controls how they access data, limits the attack ‘blast radius’ and prevents double extortion by eliminating unnecessary data. Rubrik with DSPM gives organisations unified data protection and enables automated classification, so organisations can identify and remediate risk, and recover rapidly.”