Security teams struggle to keep pace with data proliferation across their cloud environments. The cloud provides obvious business advantages, but the sheer volume of data moving to the cloud, the lack of visibility and the use of multiple cloud service providers all increase the threat surface exponentially. In this rush to the cloud, enterprises have lost control of data security, especially in multi-cloud environments. Cloud data security requires a new approach to addressing increasingly stringent regulatory requirements, managing the secular growth in data volumes, enabling cloud migration and mitigating the risks posed by cyberattackers. CISOs and security teams need rapidly deployable, comprehensive and innovative solutions. And they need them fast.
Consequences for Data Breaches
Regulators are making it clear that there will be consequences for data breaches beyond reputational damage. Recently, Sephora was fined by California regulators, Shein Holding Company was fined $1.9 million by New York regulators and Morgan Stanley was fined $35 million by the SEC because of data breaches.
The consequences are escalating further, becoming intensely personal for CISOs. In a first-of-its-kind case, Joe Sullivan, the former CSO of Uber, was criminally charged and convicted for failure to disclose a data breach to regulators. According to the Department of Justice, Sullivan faces up to five years in prison for obstruction of justice and another three years for failing to report the crime.
We are entering an era of accountability for businesses and the executives responsible for cybersecurity. It’s time to address the critical issues holding back data security programs.
How to Fix This Mess?
● Ownership. Procuring data solutions is siloed today. Business units and product owners are concerned about their data. Governance, risk and compliance teams are interested in data from a privacy and policy perspective. IT is focused on identity while security is focused on data access controls. All these teams approach the space from their own vantage point and procure niche solutions with overlapping functionality that, despite the overlap, still leave gaps in detection, context and protection. Data is so critically important that it is a top priority across the organization. Multiple teams have their own charter and their own tools. Meanwhile, the organization lacks a comprehensive data security strategy.
● Awareness. Security professionals are tasked with deploying various controls, both on-premises and in the cloud. They own a variety of tools, many of which have left them cynical and frustrated by long deployment and tedious configuration cycles with minimal benefit. Security teams often do not know about (and are not held accountable for understanding) the shifting data security landscape.
● Prioritization. As cloud becomes the dominant focus, security pros are prioritizing cloud security posture management and cloud-native application protection to protect infrastructure and applications, identity and access management to protect identities, and endpoint security with a strong focus on APIs. But data, mainly due to a lack of clear ownership and responsibility, is still stuck in the “moats and castles” approach, where security pros secure everything around the data but not the data itself.
The answer for security leaders is data security tools that focus on intelligent automation and remediation. Whether you call these next-gen data protection platforms, data security posture management or something else, these cloud-native solutions leverage:
● Cloud APIs instead of agents to enable continuous discovery that is out-of-band and requires minimal permissions,
● AI+ML+NLP classification and semantic contextualization to automate data categorization and classification for massive volumes of data,
● Risk assessment and remediation guidance applying security/risk, compliance and regulatory frameworks to contextualized data to highlight exposures and guide remediation, and
● Automated remediation workflows to minimize the attack surface and enable operational resilience and preparedness.
This will finally enable security professionals to consolidate their current offerings, gain better context on the data their businesses manage and how it’s used, and ultimately apply more effective controls that enable the business rather than blocking or slowing activities, as they are forced to do today.
It’s in everyone’s best interest that this happens sooner rather than later.