Jonathan Roizin, Flow Security’s CEO, attended the 6th Annual Privacy and Data Protection Summit, along with Nir Chervoni, Booking.com’s Head of Data Security. The two discussed data security posture management (DSPM), including what it is, the challenges it faces, and Flow Security’s unique and holistic approach to dealing with data challenges today.
What is Data Security Posture Management?
According to Gartner’s 2022 Hype Cycle for data security, Data Security Posture Management (DSPM) provides visibility as to where your sensitive data is, who has access to it, how it’s been used, and what the security posture of your data store or application is.
“Data Security Posture Management is an approach that focuses on reducing risks, mainly on data whether it’s being stored, transmitted or being used, and taking into consideration the new challenges of today’s world” - Nir Chervoni, Head of Data Security, Booking.com
- Data is fragmented over thousands of applications, data stores, and SaaS providers, making it difficult to track and secure sensitive information.
- The unique characteristics and behavior of data in cloud environments, such as increased accessibility and the ability to easily change shape and be transferred, increase the risk of data breaches, unauthorized access, and data exfiltration.
- Developers often have more access to production environments in general and to production data in particular, which can increase the risk of data breaches if proper security measures are not in place.
- The fast migration to the cloud can create a higher probability of misconfiguration, which can ultimately increase the risk of data breaches if not properly addressed.
Inherent Data Risks
“Inherent Data Risks it’s mainly about risks that have no controls and no attempt at mitigation”
- Unauthorized access to sensitive data: Sensitive data, such as personal or financial information, can be vulnerable to unauthorized access if it is not properly protected. This can occur due to a lack of data protection measures, such as encryption or access controls, or a lack of visibility into who has access to the data and how it is used. Unauthorized access to sensitive data can lead to privacy breaches and damage an organization’s reputation.
- Unauthorized access to systems and applications: Without proper credentials and protection tools, it may be possible for unauthorized individuals to gain access to an organization’s systems and applications. This can lead to data breaches, malicious activity, or theft of sensitive information.
- Violating data subject rights of access / to be forgotten: Data subjects have certain rights with regard to their personal data, including the right to access and the right to be forgotten. If an organization lacks the necessary data visibility and orchestration abilities, it may be unable to fulfill these rights or unknowingly violate them. This can lead to regulatory violations, legal liabilities, and damage to an organization’s reputation.
- Inability to respond to data breaches in a timely manner: If an organization lacks the necessary capabilities to detect and respond to data breaches, it may take longer to identify and address the issue. This can lead to further damage and consequences, such as data loss, financial loss, and damage to an organization’s reputation. To effectively respond to data breaches, organizations need to have robust people, processes, and tooling in place, as well as the necessary data visibility capabilities.
- Unauthorized data exfiltration: Data exfiltration refers to the unauthorized transfer of data out of an organization’s systems. This can occur through various means, such as email attachments, cloud storage, or removable media. To prevent unauthorized data exfiltration, it is important to have controls in place to classify data and restrict access based on need-to-know principles. If data classification controls are lacking, it may be easier for attackers to exfiltrate sensitive data.
The Data Challenge
Data risks pose a unique threat to organizations because they have the potential to impact every aspect of the business. Unlike other security domains like Cloud Security, SaaS Security, or Endpoint Security, which focus on specific systems or departments and span vertically within specific areas, data risks span horizontally across the entire organization. This makes data particularly challenging to manage and requires a comprehensive data security posture management strategy to ensure the protection of sensitive information. In today’s digital world, where data is more widespread and easily accessible than ever, prioritizing data security is crucial to mitigate these risks and safeguard your organization’s sensitive information.
“Data security is different. Usually, security teams are looking in a very siloed kind of manner. Data is horizontal. Data can be everywhere, and this is especially true in the new environment.” - Jonathan Roizin, Co-Founder and CEO, Flow Security
The characteristic of data liquidity makes it particularly challenging to discover, classify, and protect sensitive information. Data can act like a liquid in several different ways: it can easily change shape, and it is easy to transfer, share, and move around. This makes it difficult to track data and ensure its security. To mitigate the risks associated with data liquidity, it is essential to track data wherever it flows and secure data both at rest and in motion. A comprehensive data security posture management strategy that includes tracking data movement and securing data both at rest and in motion is crucial for protecting an organization’s sensitive information.
Flow’s Holistic Data Security Approach
- Discovery must reform as infrastructures evolve: As technology and business practices change, we must adapt how we discover and track data. This is especially true as data becomes more dispersed and moves between various systems and devices. A holistic data security approach must identify and locate data wherever it flows, whether stored on servers, in the cloud, or transmitted over networks. This requires a flexible and adaptable discovery process that can keep pace with the evolving nature of data and infrastructure.
- Understanding the complete data journey is essential: To effectively secure data, it is important to have a thorough understanding of how it is used, accessed, and transferred within an organization. This includes tracking the flow of data from its creation to its ultimate destination and understanding the various points at which it may be vulnerable to attacks or breaches. By understanding the complete data journey, organizations can identify potential weak points and take steps to secure them, and implement controls to prevent unauthorized access or misuse of data.
- Data security requires a boundless perspective: Data security cannot be limited to a single point in the data journey or a single type of data. Instead, it must consider the entire landscape of data use and movement within an organization. This includes everything from internal data transfers to external partnerships and collaborations. A boundless perspective allows organizations to identify and address potential risks and vulnerabilities across the entire data ecosystem rather than just at individual points.
- Data security has to be centralized: While data may be dispersed throughout an organization, it is important to have a central point of control and oversight for data security. This helps to ensure that security protocols and measures are consistently applied and that any vulnerabilities or threats can be quickly identified and addressed. Centralization also enables organizations to respond quickly to incidents or breaches and to coordinate their efforts to protect data across the entire organization.
Conclusions And Key Takeaways
- Data Security Posture Management (DSPM) is an approach that applies security from the data prism.
- Data risks differ from those of other security domains because they span horizontally, while most other domains span vertically.
- Data Security Posture Management (DSPM) solutions can effectively mitigate various data risks.