A Data-First Approach to Security

Author : Raajveer Loyal

Cybersecurity Live - Boston

With news of the Marriott Hotel data breach questions arose as to how such a breach could occur in the first place when the hotel industry in particular has a history of security breaches.

The reason why hotels such as the Marriott don’t often prioritise data security could be because their focus is on driving revenue rather than protecting their customers’ private information.

Data is the new currency:
Businesses will either grow or wither based on their ability to properly utilize as well as protect data, yet the priority of data protection has some way to go before it reaches the level of importance it needs to have.

For quite some time, the thinking behind enterprise data-security has been based on potential external threats, however with technology constantly evolving, issues that once mattered in the past do not now hold the same level of importance today.

Advancements in the areas of inter-connectivity, cloud systems, and remote access has changed the whole concept of what can be termed as an internal or external threat. Irrespective of where a data breach may originate, protecting the data first should be the overriding concern.

The importance of data-first security:
The main reason why a data-first security approach is of huge significance is because an “outside in” security approach to your data is based on assumptions that are no longer valid.

If you see your security strength as being dependent on your perimeter defences, it remains possible for an internal employee to be compromised or go rogue, which increases the risk of a huge company data breach occurring.

New call-to-action

The introduction of regulations such as GDPR, and the California Data Protection Act (CCPA) has provided a shift in how companies should approach protecting the sensitive data for which they are responsible.

With a recent survey showing that 83% of U.S organisations have accidentally exposed sensitive data, it is clear that moving security closer to the data is essential to prevent data falling into the wrong hands.

Taking the steps towards data-first security program:
Knowing where your data resides and who access it is foundational to an effective data-first security program.

In addition to this, having a risk prioritization process is important to better understand what the levels of data exposure are, then make meaningful changes such as a re-evaluation of data access controls.

Collaborating with the business leaders who would be impacted by the implementation of this new program is important to building support and ensuring its success within the company.

You can find out more about how a data-first approach to security enables digital innovation while reducing risk and simplifying compliance in this on-demand webinar.

*** This is a Security Bloggers Network syndicated blog from Blog – Protegrity authored by Raajveer Loyal. Read the original post at: