The case for data-centric security in 2022
As it pertains to cybersecurity, the start of the new year has marked anything but new beginnings. Now four months into 2022, the reality of our cyber crisis is unfortunately still more of the same – more attacks and more breaches, yet the same reluctance to pivot from legacy security controls and outdated approaches that are failing on a global scale.
Over the past few weeks, we’ve witnessed cyberattacks emerge as a new facet of war. We’ve seen major chip manufacturers, multi-billion dollar news conglomerates, automobile manufacturers, school systems, and oil companies all fall victim to a variety of attacks that resulted in the loss of service, loss of revenue, and loss of data.
This aforementioned list of organizations isn’t comprised of small mom-and-pop businesses with non-existent cybersecurity budgets. It’s full of name-brand global enterprises with significant investments in sophisticated security protections. So why, then, do the companies that essentially do what they’re supposed to do, at least by common industry convention, still end up in the headlines? It’s because these attacks, like a majority of the 2021 incidents that preceded them, were common byproducts of the lack of data-centric security across the cyber community.
We’ve seen this movie thousands of times, but keep misinterpreting the plot: the bad guys don’t steal the network itself — they steal (or destroy) the data.
All too often, enterprises are exposed for failing to adopt security approaches that align with an evolving threat landscape, where highly sophisticated threat actors and ransomware gangs are more capable and more well-funded than ever before. Today’s common cybercriminal can easily bypass the thin veil of passive security controls that exist in data storage systems, enabling them to silently and often effortlessly steal or destroy large volumes of unstructured data assets for malicious and monetary gain. Without a data-centric security model that enables Zero Trust and Principle of Least Privilege concepts to be applied at every access point, there isn’t an effective way to safeguard that data from potential threats.
A fundamental change in approach is long overdue. Instead of operating with a narrow focus on the ever-changing tactics, techniques and procedures (TTPs) of attackers, enterprises need to place a higher priority on actively safeguarding the assets they’re after. That is the foundational component to data-centric security — protecting data at the core, not from the perimeter.
The technology behind data-centric security
Adopting a data-centric security model starts with re-orienting the focus away from traditional network-based security approaches in favor of ones where security begins where the data lives. The modern term for these cyber-infused storage technologies is Cyberstorage. These solutions leverage artificial intelligence and machine learning to blend active security controls with advanced compliance and monitoring, generating real-time internal visibility to better identify, detect, respond, and recover from encrypted attacks on unstructured data assets.
These solutions, compatible with any on-premise, cloud or hybrid network environment, strengthen data maturity by simplifying the complexities of active data protection, scalable data storage, and continuous data compliance through a unified approach.
- Data protection: Securing both primary and secondary data files from compromise, loss, theft, or corruption while providing the integrated capability to quickly restore the data to a functional “known good” state in the event of a breach.
- Data storage: Providing scalable utility architecture to efficiently store data while preserving the accuracy, completeness, and quality of data as it is made accessible to users over standards-based protocols.
- Data compliance: Minimizing threat vectors by certifying that all systems enforce the required data security policies on a continuous basis, and that all users comply with regulations to prevent misuse, theft, or loss of sensitive assets.
Cyberstorage solutions also enrich the organization’s cyber ecosystem with actionable cyber defense insights that aren’t attainable through external-based network systems. The real-time guidance generates the essential agility to not only prevent breaches, but also swiftly respond to them and mitigate their impact.
Cyberstorage is the missing piece in a complex security ecosystem. It’s not a replacement for network-based cyber solutions, but rather the key ingredient that has been missing in the recipe to defend against modern data-centric attacks like ransomware, data theft, sabotage, and…well…basically all the attacks that have happened over the last handful of years.
How to implement data-centric security
Implementing data-centric security doesn’t need to be difficult. It boils down to three basic steps:
- Reorient your perspective
- Layer and compartmentalize
- Establish a feedback loop
Before investing in the actual technology behind data-centric security, it’s critical for enterprises to develop the mindset for a data-centric approach. The first step is to stop thinking about security as a “doors and windows” problem — you know, just lock the doors and the windows to keep the bad guys out — and instead view it in the context of the asset you are most interested in protecting. Ask yourself, if it’s impossible to keep the threat out, then what defenses can ensure my data still remains secure?
Most organizations lack visibility into what is actually happening with their data — how much is there, how it’s being used, who has access to it and what differentiates “normal use” from “abnormal (or malicious) use.” The effectiveness of data-centric security is rooted in the insights which come from the usage of data sources themselves. It takes smart software like a cyberstorage solution to do this effectively, but before you get to that point, you must have a general understanding of how to logically categorize users and applications by function, and then take a segmented approach to implementation. Once those boundaries are established, implement controls in layers to ensure protection.
Security is a living and breathing thing. The ever-evolving threat landscape requires organizations to continually improve their defenses. How you accomplish that is by taking information from multiple sources and continuously feeding it back into a system which can evolve right alongside the threats. Sources like audit and change logs, admin and user access patterns, and policy changes provide a basis for machines to learn and improve defenses autonomously.
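As an added illustration (not part of the original article and not any vendor's code), the following Python example shows the two ideas above working together: a per-function baseline of "normal use" built from storage audit records, and a feedback step that folds analyst-approved activity back into it. The record format, the group names, the use of the top-level share as the compartment boundary, and the burst threshold are all assumptions made for the example.

```python
from collections import Counter, defaultdict

# Constructed storage audit records: (minute, user, group, op, path).
BASELINE_LOG = [
    (0, "alice", "finance", "read", "/finance/q1.xlsx"),
    (1, "alice", "finance", "write", "/finance/q1.xlsx"),
    (2, "bob", "eng", "read", "/eng/design.md"),
    (3, "bob", "eng", "write", "/eng/design.md"),
]
# Constructed new activity: a cross-compartment read and a mass rewrite.
NEW_LOG = [(10, "bob", "eng", "read", "/finance/q1.xlsx")] + [
    (11, "alice", "finance", "write", f"/finance/f{i}.xlsx") for i in range(8)]

def share(path):
    return path.split("/")[1]  # top-level share = compartment boundary here

class AccessBaseline:
    def __init__(self, burst_factor=3):
        self.allowed = defaultdict(set)  # group -> {(op, share)} seen as normal
        self.peak = defaultdict(int)     # group -> max ops per user per minute
        self.burst_factor = burst_factor

    def _rates(self, events):
        return Counter((g, u, m) for m, u, g, _, _ in events)

    def learn(self, events):
        """Fold known-good or analyst-approved events into the baseline."""
        for _, _, group, op, path in events:
            self.allowed[group].add((op, share(path)))
        for (group, _, _), n in self._rates(events).items():
            self.peak[group] = max(self.peak[group], n)

    def evaluate(self, events):
        """Return sorted (user, reason) findings for new events."""
        findings = set()
        for _, user, group, op, path in events:
            if (op, share(path)) not in self.allowed.get(group, set()):
                findings.add((user, f"{op} outside compartment: {share(path)}"))
        for (group, user, minute), n in self._rates(events).items():
            if n > self.burst_factor * max(self.peak.get(group, 0), 1):
                findings.add((user, f"burst of {n} ops in minute {minute}"))
        return sorted(findings)

def run_feedback_loop():
    baseline = AccessBaseline()
    baseline.learn(BASELINE_LOG)
    first = baseline.evaluate(NEW_LOG)
    baseline.learn(NEW_LOG[:1])  # analyst approves bob's read; it becomes normal
    return first, baseline.evaluate(NEW_LOG)
```

The first evaluation flags both the out-of-compartment read and the write burst; after the approved read is fed back, only the burst remains, which is the behaviour a mass-encryption or mass-deletion event would produce at the storage layer.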
Data-centric security obviously extends beyond what humans alone can do. Humans create the business rules, but it’s the technology that implements them. With the volume of data stored expected to triple over the next several years, taking a data-centric approach must start with paying attention to where that data lives and how “security savvy” those storage systems are.
Making real, tangible progress toward strengthening organizational security posture can only be accomplished through cyber resilience from protecting data at the core. By placing a heightened emphasis on implementing data-centric security across the public and private sectors, we can take steps to ensure 2022 is a year of positive change — not just more of the same.
Eric Bednash is the CEO and cofounder of RackTop Systems.