September 4th 2020 – By Gareth Tranter

Why data is the missing link in your cybersecurity strategy

Originally published in Help Net Security

Everyone’s aware of how challenging maintaining a strong cybersecurity posture is these days. There’s no longer a perimeter to protect and with remote working becoming the norm since the advent of COVID-19 and BYOD stretching digital boundaries to their very limits, good security is significantly tougher to achieve.

When evaluating cybersecurity strategy and any risks to the organisation, we’re typically looking at users, devices and IoT devices as possible ways into the infrastructure. And yet it’s not these people and things attackers are really interested in – it’s the data.

While data that’s stored in locked-down databases, such as CRM and storage systems, is ordered, structured and easy to secure, 92% of the world’s data is unstructured, or dark data.

Our own research suggests that a typical organization’s unstructured information contains:

  • 42% confidential information
  • 1% sensitive personal information
  • 9% personally identifiable information

Think about all the emails that are sent and the documents that teams create every day, which aren’t maintained in organized databases? And the file-shares such as SharePoint and OneDrive, the company intranet and personal folders?

Keeping on top of this unstructured data is a huge challenge. Our research revealed that 95% of IT professionals say it’s a challenge to get visibility across their organizations’ data estate, yet only 39% of organizations are taking active steps to gain visibility of their data.

But fail to do so and over time dark data becomes forgotten and vulnerable to insider threats and external breaches. In fact, our research also showed that data breaches by employees are seen as the biggest risk to an organization – with 40% of respondents naming internal breaches as the biggest threat in the coming year.

So how can you enhance information security and build a solid cybersecurity strategy?

Change the focus

It’s a fine balancing act. On one side, organizations must lock data down to secure it and protect it from harm. On the other, they need to open up the business to provide greater access to the information people need to do their jobs. The answer lies in the data.

The fact is, no business can protect itself from an insider threat or external data breach until they have all of their data – both structured and unstructured – under control. The first step has to be to discover what’s there, where it’s stored and whether there’s sensitive data within it.

These insights allow the organization to determine how that data can be protected. Maybe nothing has to be done, because appropriate controls are already in place. Or maybe the data has to be moved or deleted.

By gaining visibility, a business can prioritize its risks, take action to protect the data at the source and, perhaps, even reveal hidden value in it.

Wrap the right methodology, technology, and processes around the data

By employing the right cybersecurity strategy, methodology, technology and processes, an organization can secure its data while enabling its workforce to continue to operate without having to follow undue procedure to access it when they need it to do their jobs.

The journey towards effective information security puts data at the heart of the strategy, and follows five key steps:

1. Documented data policies and processes: Set out the intentions for how the organization will deal with its data to lay the bedrock for successful data security and governance.

2. Employee awareness, training and culture: Data security and governance should be so ingrained into people’s thinking that it sits front and center in their minds every day.

3. Information discovery and classification: Identify what data lies within the estate so appropriate actions can be taken to secure it, extract value from it and manage its complexity.

4. Adding enforcement technologies: Document encryption, data loss prevention, access control, data remediation, content management – taking a blended approach to enforcement means opening up APIs and integrating systems.

5. Operational process and record keeping: KPIs enable the business to monitor and better understand its data to identify areas for continuous improvement.

Conclusion

Data is a business’s most valuable and most risky asset, but to secure it you must know what you’ve got, so it’s imperative to be able to find and reveal both structured and unstructured data across the company’s assets.

Once a business knows its data, it can protect and power the organization and the people it serves by both mitigating the risks in the data and using it in positive and proactive ways to drive the business forward.

To learn more, download our Report “How to strengthen Information Security with Data Discovery”