Rebuilding Digital Trust
Every day it seems there is news of yet another data breach. Consumers are resigned to the fact that their personal information is “out there.” It is just assumed that once or twice a year, you’ll need to replace a bank or credit card because of fraudulent activity. Businesses, with all their resources—including incredibly smart people using the best cybersecurity solutions available—still have trouble securing data.
Why is that? Because of the operational demands from the business. For growth, for efficiency, for productivity and for reaching new customers. As businesses digitally transform, they accelerate partnerships, move to the cloud and leverage hundreds of different SaaS apps to power the business. At the same time, employees, business partners, contractors and suppliers all expect to have remote access to systems. Old moat-and-castle perimeter-based architectures have been left in the dust. New ones are now being built. In the meantime, attackers are feasting on an increasingly broad external attack surface, with many software and supply chain vulnerabilities and on and on it goes.
Why Digital Trust Matters
Securing data is a matter of personal and national security. The march to digitize all aspects of our lives is only going to accelerate. This is especially true in the most sensitive aspects of our lives: Health care and financial services. As we have seen in the banking sector, trust is at the heart of these relationships. Beyond these critical industries to the more trivial aspects of life, like retail shopping, digital trust becomes a competitive advantage. If a retailer suffers two or three breaches in a year, consumers are likely to look elsewhere.
Heavily regulated industries are used to dealing with compliance and regulations. What we’re seeing in the last five years with privacy regulation is that each country and each jurisdiction is fighting to maintain control over citizens’ data. Why? Digital trust has eroded among citizens and governments. This creates friction between users, businesses and governments.
Three Keys to Rebuilding Digital Trust
Data is being used to collaborate across the organization, inside and out, to develop new business opportunities and drive value for the organization. The reality now is that how we secure our data must change because how we use it has changed.
Instead of focusing on the infrastructure components of hardware, networks, applications and identities, it is time to put data at the center of modern security programs. Until that happens, attackers continue to have the advantage and breaches will continue.
To rebuild digital trust, security teams must be able to answer these questions:
- What is the value and the risk that data represents?
- Who has access to it?
- How is it exposed to external and internal risk?
You must be able to discover all data stores, known and unknown, automatically and continuously. Consistent visibility and a deep understanding of data are foundational requirements for the security program of any forward-looking enterprise.
Automation, speed and scale are critical to deal with the pace of data creation and consumption. And an effective classification and contextualization capability to implement the appropriate and effective controls also are a must. Leveraging cloud-first principles, as well as harnessing the advancements in machine learning, have made this possible and even simple. To rebuild digital trust, security teams must adapt to the future by putting data at the center of our security programs.