All Roads Lead to Data

June 21, 2023

All Roads Lead to Data

What is cybersecurity? A common answer is that cybersecurity is a way to keep computers, technology devices, and information safe. Essentially, it’s like having locks and alarm systems in place to protect against undesired activity within devices and information. Cisco defines the term as "The practice of protecting systems, networks, and programs from digital attacks.^[1]" IBM refers to it as "The practice of protecting critical systems and sensitive information from digital attacks.^[2]" And finally, CompTIA defines it as "The practice of being protected against the criminal or unauthorized use of electronic data, or the measures taken to achieve this.^[3]" I want to expand on this basic understanding and discuss the ultimate crown jewel of cybersecurity and the reason it is so important. In a word, it's "data." An organization can protect its endpoints, servers and networks, and even have a backup plan in place but an organization is only as secure as their data.

Data – The Core of Cybersecurity

Data is the lifeblood of every organization. It is the combination of intellectual property, trade secrets, customer, financial, or medical information. A breach or attack on an organization’s data would have devastating consequences such as financial losses, damage to a brand, and even compliance penalties. It is critical to establish a cybersecurity strategy focused on data. Attacks are constantly growing in frequency and sophistication. Consider all the layers of cybersecurity and their intended protection. Ultimately, the primary aim of cybersecurity is to protect an organization's data from unauthorized access, exfiltration or manipulation. So, a data-centric approach to cybersecurity should be at the forefront of every organization's overall strategy.

Layers of the Cybersecurity Onion

Let’s break down some of the most common layers of the cybersecurity onion. With each layer we can see how they ultimately exist to protect data.

• Firewalls – Firewalls are a critical part of an organization's cybersecurity strategy, acting as the first line of defense against potential threats by monitoring and controlling network traffic based on predefined security rules. While essential for establishing a secure network perimeter, firewalls alone cannot ensure comprehensive data protection.
• Network Boundaries – Gateway security aims to protect an organization's network entry and exit points, such as routers and switches, from cybercriminals who may intercept or manipulate data.
• Endpoint Security – Endpoint security focuses on safeguarding devices connected to an organization's network, such as computers and mobile devices, which could be targeted by cybercriminals to access sensitive data. Endpoint security only aids in minimizing the risk of unauthorized data access.
• Identity and Access Management – A common example, Active Directory (AD) is a prime target for cybercriminals due to its central role in managing identities, permissions, and thereby sensitive information. Securing AD is crucial to preventing attackers from gaining unrestricted access to an organization's data and resources. The same holds true for other IAM solutions.
• Backup Strategies – In the event of failure or an attack, an organization might have to revert to a data backup. While these are critical and can bring data and systems back online and functioning, it’s obviously ideal to avoid this situation and secure the data as a matter of priority.

Data-Centric Cybersecurity

Many organizations have gone to great lengths to define policies across the layers of their cybersecurity program, yet all too often they are not securing the data layer itself. A single failure or breach is all it takes to ruin a company and give the competition a clear advantage. Organizations should think of data governance and data protection as top priorities, but you may be surprised that some are only just beginning to consider a proper data-centric cybersecurity strategy. This strategy should include maturing a data governance framework, identifying data owners, and implementing proper security platforms. Organizations will typically require consulting expertise to achieve the proper security program required by today’s ever-changing world of threats. Given that one of the primary goals of cybersecurity should be securing data, where should an organization start? At the data! This involves finding, classifying, and prioritizing sensitive data and implementing the proper security measures to protect it. Data discovery and classification products or platforms can help organizations gain a clear understanding of the location, access controls, and sensitivity of their data assets. In turn, this enables organizations to apply proper levels of protection. The top among these platforms is Varonis. In fact, the Forrester Wave report from Q1 2023 puts Varonis as one of the top data security platforms, with the strongest strategy out of all the measured platforms. Varonis achieves this coveted spot due to the breadth and scalability of their product which allows organizations to achieve a truly data-centric cybersecurity strategy. Varonis’ multi-faceted approach to data security is a breath of fresh air. Today, with Varonis' latest SaaS-based offering Optiv is achieving even more with our clients.

Optiv Can Help!

Optiv's Data Governance, Privacy and Protection group helps our clients in every aspect of the data journey. Our mission is to help your organization control, secure and respect your data. Most organizations need a platform such as Varonis, but they also need expert consultants that can leverage the product platform. They need a complete solution which ensures they are implementing proper controls and securing their data.

Optiv offers a data governance methodology. We start with data discovery and then move into data classification. Once we know where everything is and have identified sensitivity, we help organizations shift to the realm of data loss prevention and data access management. Varonis enables our consultants to provide expert advice and results to our clients. While organizations may uniquely implement various security layers, they almost always lack the data security layer. Data and access to it is an ever-growing and moving target. Organizations may have completed some data discovery but haven’t named proper data owners or data stewards within certain departments or business lines. Or perhaps they have bought products, but they haven’t implemented, operationalized, or utilized them to their full potential. Optiv is here to assist at any point on the road to securing your data. We consider an organization’s current state and build a repeatable, scalable process to deliver a complete data-centric cybersecurity solution for our clients.

Below is an example of a typical engagement where Optiv enables an organization to arrive at that data-centric destination using data discovery and progressing. Ultimately, this yields a significant risk reduction for our clients.

Image

Optiv takes pride in boosting an organization to a place where it has a defined data governance framework and strategy. Shown below is an ideal picture of crucial roles to reduce risk and drive long-term data accountability.

Image

TLDR?

Knowing that all roads lead to data will leave you better prepared to face a complex cybersecurity world. Data is what organizations have the most of but know the least about. In a world where data growth is exponential and organizations are drastically unprepared to protect their data, reducing your risk is paramount. It's time to recognize that directly protecting your data is central to ensuring effective cybersecurity. Let Optiv help. We can connect to and assess your data in minutes. Together, Optiv and Varonis provide meaningful results and will present a snapshot of your environment’s health and protection. Contact your Optiv Client Manager to inquire about an assessment for your organization.