How and why organizations are moving from perimeter defense to data-centric security
Today, the question is no longer if a network will be breached but rather when and by whom. Increasingly sophisticated hacking techniques, along with evolving business practices, have made it all but impossible for organizations to keep all their data in a single location. This has led to a fundamental shift in the way companies around the world think about information security. Data-centric, rather than network-centric, security is the new norm in today's digital environment.
The data-centric approach to cybersecurity allows an enterprise to focus on what they really need to protect—their sensitive data. By protecting the sensitive information in files and databases that contain it, companies can take advantage of cloud computing, mobile technology, and other innovations without placing their business at risk. To better understand the scenario of data-centric security, let us take a look at what is happening to the data landscape on a global scale.
The Changing Data Landscape
The sheer volume of data and the number of systems continue to pose problems for organizations struggling to get hold of all the data and deliver it rapidly to business users. Big data technologies like Hadoop and Teradata are quickly being adopted to help smooth the storage of, and access to, all the newly created data. Further driving the adoption of big data technologies are applications like analytics, AI, machine learning and IoT, which are all powering the formation and growth of new data lakes.
The current data landscape is fragmented, not just in location but also in terms of processing paradigms: data lakes, IoT architectures, NoSQL and graph data stores, SaaS vendors, etc. They coexist with relational databases to power modern analytics, machine learning and artificial intelligence. As one can imagine, data today comes in various formats and from different systems. Some of the data is structured and stored in tables in relational databases, data warehouses, and similar systems. Other data is unstructured and stored in Hadoop, NoSQL, and graph databases. Data that resides locally can also be in the form of Word or Excel documents.
The real challenge is how to bring these different types of data together under a single format. Even if organizations try to transform the data into structured components for storage, it is expensive because of the volume of data. Data warehouses and operational data stores are not cheap.
Increasing Attack Surface
Even though the systems today have evolved and solved the format and cost challenges associated with data warehouses and operational data stores, they have not solved the problem of making it easy to convert the data into the formats business users require. Nor are they able to deliver it quickly, often turning these data lakes into data swamps.
There used to be a clear distinction between the inside and outside of an organization, and infrastructures had clearly defined boundaries. However, with the rise of the Internet of Things (IoT) and cloud services, that boundary has expanded and there is no clear, easily protected line that can keep data in and attackers out. Many organizations still have a legacy perspective of the perimeter. This is problematic for security teams, who have to fight on an ever-expanding frontline. With the IoT industry estimated to reach $276 billion by 2020, and potentially 75.4 billion devices by 2025, the attack surface will expand exponentially. The issue lies in the fact that security is rarely built into the design of these devices and their software, leaving them open to attack.
Data breaches are creating massive financial burdens for companies, consumers and the government. Perimeter breaches will become even more common in the years to come, as data volumes continue to grow and technology architectures move away from the traditional network-based models. In this digital environment, data-centric security is the most feasible option for protecting sensitive data.
Beyond Perimeter Defense to Data-Centric Security
Traditionally, businesses have focused their IT security primarily on perimeter defense: blocking threats before they enter the network. This protection still holds an important place in a company's IT data protection strategy. But with today's cloud computing, IoT devices, and advanced persistent threats, organizations need data-centric security that protects their data wherever it is located. They need "inside-out" protection that focuses on the data itself, so businesses require a smart protection tool that provides adaptable protection at the local level as well as from the cloud.
The defining characteristic of data-centric security is that protection is applied to data, irrespective of its location. To be effective, this must happen automatically—sensitive information should be identified as soon as it enters an organization’s IT ecosystem, and should be secured with policy-based protection that lasts throughout the data lifecycle. A typical implementation of data-centric security consists of software installed on every IT asset where sensitive data might be created or stored. Today, the network and device protection continue to dominate IT security resources, but are becoming less credible at protecting organizations from massive threats.
Every time a new file is created or an existing one is modified, the security tool should be able to scan the file to determine whether it contains sensitive information, and then apply the appropriate protection. Only authorized users can access the protected data; it remains unavailable to unauthorized users. Once an organization implements it, data-centric security reduces the impact when network and device protections fail.
Companies are therefore in need of a tool that collects threat intelligence and context-aware data usage (who, what, where, when) to create customized data protection. This is where Kogni comes into the picture. By combining threat intelligence and customized protection, Kogni can enable companies to create effective data usage policies and detect possible data breaches, even from advanced persistent threats or targeted attacks.
If you are part of an enterprise that is in the process of implementing data technologies, or if your enterprise already has mature data environments, you should consider deploying a data-centric security solution. An effective data-centric security solution is the most reasonable way to realize a Zero-Trust Model. Without a foolproof method of protecting ever-growing sensitive data and keeping unrestricted access out of the hands of insiders, the data breach problem will continue to grow multifold.
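An added illustration of the scan-on-change step described above; it is not Kogni's code. The data classes, detection patterns and protection names are assumptions chosen for the example.

```python
import os
import re

def luhn_ok(match: str) -> bool:
    """Luhn checksum: discards digit runs that only look like card numbers."""
    digits = [int(c) for c in match if c.isdigit()]
    if not 13 <= len(digits) <= 19:
        return False
    odd, even = digits[-1::-2], digits[-2::-2]
    return (sum(odd) + sum(sum(divmod(2 * d, 10)) for d in even)) % 10 == 0

# Assumed data classes, strictest protection first: (label, pattern, validator, action).
RULES = [
    ("payment_card", re.compile(r"\b\d(?:[ -]?\d){12,18}\b"), luhn_ok, "encrypt"),
    ("national_id", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), None, "encrypt"),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"), None, "restrict_access"),
]

def classify(text: str) -> list:
    """Return labels of every data class with at least one validated match."""
    return [label for label, rx, check, _ in RULES
            if any(check is None or check(m.group()) for m in rx.finditer(text))]

def action_for(labels: list) -> str:
    """Protection required by the strictest class present, or 'none'."""
    return next((act for label, _, _, act in RULES if label in labels), "none")

def scan_changed(root: str, seen: dict) -> dict:
    """Classify only files created or modified since the previous pass."""
    results = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            mtime = os.stat(path).st_mtime_ns
            if seen.get(path) == mtime:
                continue  # unchanged since the last scan
            seen[path] = mtime
            with open(path, "r", errors="replace") as fh:
                results[path] = action_for(classify(fh.read()))
    return results
```

The Luhn validator shows why pattern matching alone is not enough: a 13-digit order number matches the card pattern but is rejected by the checksum, which keeps the catalog from filling with false positives.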
Cyber-resilience should be considered as an ongoing journey and not an end-state. Organizations must be willing to push their limits, prepare for the worst, and identify their vulnerabilities. When it comes to selecting a solution that helps you navigate the complex data security and privacy aspect, Kogni is your best bet. For a comprehensive free data-centric security risk evaluation, please reach out to Kogni at email@example.com or visit us at kogni.io