Image credit: iSergey // Getty Images
View on-demand session summit from Low Code/No Code, Learn how to successfully innovate and increase efficiency by upskilling and scaling citizen developers.
18 minutes: In less time than it takes to receive a typical takeout order In a short amount of time, a sophisticated bad actor can completely destroy your network. Such breaches can seriously damage not only your organization’s reputation, but its bottom line. The average cost of a breach this year reached a staggering $4.35 million, an all-time high. While some businesses can ride out such a financial hit, for many others it could be a death knell.
The motivation behind these attacks is clear: access to sensitive, personal or proprietary data generated and stored anytime, anywhere. Today, businesses of all sizes and industries are grappling with how to properly store, manage, control, govern and protect this precious resource, especially in our post-pandemic digital frontier.
As data environments continue to grow in size and complexity, so do security threats. While we have seen slight relief over the past two years as many bad actors have turned their attention to taking advantage of COVID-19 economic relief, they have now refocused on traditionally traditional industries such as financial services, telecommunications, energy and healthcare. Target in lush pastures.
The reality is that no company, from the world’s largest corporations to mom-and-pop stores, is immune to cybersecurity challenges. So here are five ways businesses large and small can reduce risk, identify vulnerabilities, and position their organizations for security success.
Data security: watch your people
Without a doubt, the greatest threat to an organization’s cybersecurity is its people. Whether voluntarily through insider attacks or unintentionally through social engineering, most breaches Behaviors all take place in important internal collaborations.
“Jan, I’m busy with meetings all day and need you to buy $500 Apple Cards right now and give them as a gift To our customers.”
Does this shady text or email sound familiar? At some point, we’ve all received a version of these phishing scams, purportedly usually from CEOs or senior leaders, asking us to click on a link, update software, or buy an odd number of gift cards. Ironically, it is often our desire to be helpful that brings bad actors through the door. As more organizations look to “democratize” data or make data accessible to more business users, it is critical that teams receive regular training and education to help them identify various types of threats and understand the procedures to properly handle such incidents important.
Zero Trust Approach
Cybersecurity has traditionally been thought of as external versus internal: bad guys on the outside, good guys on the inside. But with the rise of the cloud and mobile phones, desktops, laptops and any number of other devices accessing the network, making such a neat separation is no longer feasible or responsible.
Enterprises should instead implement a Zero Trust Architecture: Essentially, network-wide suspicion of anyone or any device inside or outside the perimeter. Rather than giving every employee or contractor full network access, start with the minimum privileges or those required for their role and require authentication on every network plane. This establishes more layers of security, and if a bad guy breaks into a door or gets a key, lateral movement is more tedious.
Secure Hybrid Multi-Cloud
The future is mixed. Modern data strategies are no longer one-dimensional. Not on-premises, cloud or multi-cloud, but a seamless combination of them all.
Organizations must have a scalable, adaptable and flexible platform: scalable to properly store and process large amounts of data and diagnose vulnerabilities before they become vulnerabilities; adapt to Rapidly build machine learning (ML) models on new data sources; and be flexible, allowing data and workloads to move freely to optimize cost, performance, and security.
A hybrid model allows high-value, highly sensitive data to remain on-premises, while the elastic, cost-effective nature of multi-cloud can be used to manage less sensitive information. When developing a hybrid model, ensure that your platform can enforce consistent security and governance policies throughout the lifecycle of your data, no matter where it is stored or moved, or for what purpose.
Built-in data security and governance
In order for data to be used responsibly and efficiently, it must be consistently protected and managed. If you don’t have confidence in any of these basic elements, you won’t have confidence when sharing information. Businesses must invest in a data solution that has built-in security and governance capabilities from the beginning of the digital transformation journey. Going back later and using a third-party solution is very difficult and expensive.
Risk is even higher for businesses operating in tightly controlled environments with different sovereign rules and international, federal, state, industry or internally specified standards and regulations . Everything
must be built on security and governance, not the other way around.
Protect and manage real-time data
While a point solution provider might manage petabytes of data, in the enterprise world, a single customer alone can exceed that number. Additionally, much of this is fluid unstructured data, flowing from the edge through billions of devices, sensors, and countless other applications. This presents enormous security challenges for both organizations and leaders.
Therefore, a key component of any cyber threat detection and mitigation strategy is being able to scale. Knowing its provenance or record is crucial – what is its lineage? Did it arrive safely? Was it tampered with in the pipeline? What happened after it arrived? If data platform providers don’t have the capabilities to manage and secure streaming data at scale, businesses are likely to find the token barn door shut after a horse is stolen.
Cybersecurity in 2023 and Beyond
Data security has never been more complex or complex, and a worrying geopolitical climate will only exacerbate the threat. Security breaches have grown exponentially, driven by new remote work strategies and global stressors such as inflation, food shortages, rising unemployment and a looming recession.
As new innovations such as the Metaverse emerge, where cryptocurrencies and DeFi, 5G and quantum computing are all in their infancy, the cyber battle lines in which corporations and bad actors are engaged will continue to be reinvented draw. Despite a greater emphasis on security across industries and significant steps taken by many organizations to mitigate risk, we still find ourselves in an endless cat-and-mouse game. For every step we take to become better, smarter, and safer, bad actors mirror our footprints, often with the same determination, resourcefulness, and technological assets.
For organizations to be truly data-first, they must prioritize security and governance as the foundational pillars of any data management strategy. If they don’t, they may find themselves letting the fox into the coop — never even knowing it.
Carolyn Duby is Cloudera’s Field CTO and Head of Cybersecurity
Data Decision Makers
Welcome to the VentureBeat community!
DataDecisionMakers is where experts, including technologists working with data, can share data-related insights and innovations.
If you want to learn about cutting edge ideas and the latest information, best practices and the future of data and data technology, join us at DataDecisionMakers.
You may even consider publishing your own article!
Read more from DataDecisionMakers