Finally, a Shift in Data Security Strategy Designed to Match the Real-World Threat Landscape

July 20, 2022

Like IT professionals working in other areas of the field, security folks have been talking about “platforms” since the 1980s. Then, everyone understood the platform as the functional foundation on which a stack of applications could be built. Security teams built a stack of security applications to secure data, web teams built a stack of web development applications to create website functionality, and so on. Platforms became (and still are) eminently useful for accelerating time to value through the reuse of APIs, documented patterns, etc.


Things have changed in the 40 or so years since the platform emerged as a fundamental support for stacks of applications. We’ve moved from a place where everyone’s platform supported their work in largely isolated environments to one where platforms not only need to be connected, but also integrated with many others to perform at peak levels. While executing this movement successfully is critical to digital transformation, most organizations with medium- and long-term initiatives to undergo DX had their plans cast asunder when COVID-19 hit in 2020. In the last two years, however, virtually all organizations with a digital presence accelerated their migration to cloud-based environments to develop and innovate faster and cheaper with a largely remote workforce. But as more data architectures, both on-premises and cloud-native, were added to the technology stack, the number of sophisticated tools designed to manage data security became unmanageable. The result is an increasingly disparate infrastructure of tools, which provide a complete data security solution in theory, but not in practice due to the lack of a galvanizing force to unify them. From a development perspective, this result has been remarkable. Security, however, was left behind.



Going Beyond the Data Security Platform

Modern organizations have exponentially more moving parts (and risks) than ever, yet for the most part, the concepts for securing them have hardly changed. Forward-thinking organizations are prioritizing efforts to secure the innovations they’ve generated on their digital journeys. Such organizations need a more holistic, collaborative and flexible solution. This requires us to think about data-centric security not as a platform, but as a fabric that enables a unification of platforms, where organizations can quickly integrate various security capabilities to secure data more easily and effectively.


In a dynamic and multi-dimensional threat landscape, a data security fabric ensures that an organization’s data and specific architectures are protected no matter the volume of attack, where a threat originates or where the attack is waged.


The key to an effective data security fabric is unifying disparate platforms: on-premises and cloud-native; customer and vendor; and technology builder and solution integrator. The result is an automated security solution that enables users to gain complete visibility into all their data, no matter where it lives.



Why a Data Security Fabric is Future-Proof

As mentioned, most organizations with a digital presence have leveraged cloud-based development platforms to truly innovate. In this process, they’ve gained new types of flexibility, business resiliency and investment protection. Complementary platforms now offer more sophisticated data security functionalities than ever before. A data security fabric is the logical next step in this evolving process. Its platform convergence and unified view naturally removes barriers and friction for security teams, business and technology partners and customers alike. The fabric unifies disparate architectures, integrates the advanced security functionality that all stakeholders have created and closes the gap between DevOps and security. This ensures that organizations can protect new applications and their underlying data repositories from day one.


For the first time, organizations can have a unified architecture that lets them gain observability and controls over all their data repositories – structured, semi-structured and unstructured – no matter their location. DevOps teams, cloud architects and even non-technical businesspeople can take on more important roles in organizational data security with no effect on business performance. A fabric provides a seamless foundation on which any organization can expand their security capabilities with business and technology partners, as well as increase and enhance their offerings.


A true convergence of platforms, fabric is purpose-built to ensure it can always respond to data security needs. As organizations add more data architectures to their data footprint, and as they involve more teams and more partners with new technology, a data security fabric ensures that neither the number of permutations of security controls nor the total cost of ownership of the solution must grow.



Four “Must-Haves” From a Data Security Fabric Solution

As you assess your needs from a data security fabric perspective, start with these fundamental capabilities:


  1. The solution must secure all data types: structured, semi-structured and unstructured.
  2. A data security fabric must provide visibility into data, no matter where it is: on-premises, or in private, hybrid or multi-cloud environments.
  3. Going forward, the solution provider must demonstrate that it can leverage new technology created by other providers and make the integration process seamless.
  4. Your data security fabric provider must demonstrate expertise to help you maximize the value of your investment in their solution on an ongoing basis.
Bruce Lynch
Product and Content Marketing Manager | Imperva
Bruce Lynch joined Imperva through the acquisition of jSonar, where he served as the company’s first Product and Content Marketing Manager. He has been creating content in the technology space for over 25 years as a specialized information publisher, bylined magazine and newsletter columnist, and book author. Bruce manages and is a frequent contributor to Imperva’s corporate blog, specializing in data security. He earned a Bachelor of Arts cum laude from the University of Massachusetts at Amherst.

Optiv Security: Secure greatness.®

Optiv is the cyber advisory and solutions leader, delivering strategic and technical expertise to nearly 6,000 companies across every major industry. We partner with organizations to advise, deploy and operate complete cybersecurity programs from strategy and managed security services to risk, integration and technology solutions. With clients at the center of our unmatched ecosystem of people, products, partners and programs, we accelerate business progress like no other company can. At Optiv, we manage cyber risk so you can secure your full potential. For more information, visit