In late 2016, after tracking and projecting internet usage for a decade, Cisco announced a major networking milestone as global internet traffic finally reached the Zettabyte threshold analysts had been anticipating. It was a big deal and a key indicator of the looming importance of data. On the heels of that announcement, the Economist reported that data had replaced oil as the “world’s most valuable resource,” and Harvard Business Review warned all companies that lacked data management functions to catch up or start planning their exit. Point is — we’re not slowing down, and as the number of connected devices and digital complexity grows, organizations must focus on cybersecurity and compliance or risk a breach so expensive that recovery may be impossible.
Data is a growth driver
The volume of data collected by organizations is a goldmine of information that, when leveraged correctly, can positively impact growth. In fact, McKinsey posits that by 2025, data assets will be organized and supported as products with dedicated teams aligned to embed data security, evolve data engineering for continuous integration of new data sources and implement self-service access and analytics tools. And that’s just the tip of the iceberg of data-driven use cases.
Data security is a top priority
CIO respondents agree that security remains a top investment priority in 2023. Not a huge surprise, considering that protecting user privacy has reached a critical tipping point across all sectors. According to the Cisco 2022 data privacy benchmark study, more than two-thirds of countries have enacted privacy laws, and the vast majority of consumers (90%) won’t buy from organizations that don’t protect their data. That combination of liability and trust continues to challenge IT teams as they juggle accelerated code delivery, reporting security and privacy metrics to executives, safeguarding against liability and maintaining user trust, all while ensuring personally identifiable information (PII) is protected.
The security band-aid is not uncommon
Every organization has a data story, and with it comes a compliance story that opens doors for a breach and subsequent liability. Most organizations depend on data leak prevention (DLP) to enforce protection at the edge and SIEM for anomaly detection and vetting, with alerts delivered to ITOps and SRE teams to investigate. However, a number of organizations still lean on stop-gap protective measures and assumptions to guard against data loss. These include relying solely on security at the network’s edge, data encryption, and homegrown scripts for detection, redaction and removal of sensitive data, as well as extending trust to APIs or relying on single-tenant architectures in the belief that they pose no risk of data leakage. All of these are precarious, especially when there’s a better way.
Balancing your data security strategy
Data security is often measured by the same standards as overarching security postures, such as number of incidents or scorecarding. A crucial aspect of security, DLP requires internal education — particularly for those involved in classifying the data, where misclassification can result in the wrong security triggers being applied to the data. However, due to the manual nature of data mapping and the subjective interpretations that can be applied across the process, mapping tends to be a common challenge.
First step in defense: understanding risks before leveraging data
Data flowing through an organization without a security strategy is risky regardless of whether the strategy focuses on defense (minimizing risk), offense (using data to increase revenue) or a hybrid approach. The first step in defense is knowing how sensitive the data is and ranking security priorities to align. In some instances, users set security preferences. In other cases, compliance standards such as PCI, HIPAA or GDPR set priorities.
Where is the data going?
It takes a robust understanding of the consequences of data leaks to protect the bottom line while also enabling access for the right people, apps and processes to drive growth. Once data has been ranked by sensitivity, tracking its movement is paramount. For example, an eCommerce company may collect and pass sensitive data that routes through numerous applications to deliver one seamless user experience across shopping and checkout. However, the checkout motion alone can involve multiple data handoffs internally as well as to third-party payment gateways via API. Just as adding a new chimney, window or door to a home increases the potential for water and air leaks, adding apps and APIs for data moving across boundaries increases the opportunity for data leaks.
Monitoring data access: who, what and why?
With cybercrime on the rise, it’s critically important to maintain access levels and address existing or potential compliance issues that can enable data leakage across workflows. A very common case arises when developers want issues to be easy to debug: they add a log entry to diagnose an issue, the entry requires an identifier, and those identifiers are typically sensitive PII such as an SSN, member ID or email address. A developer may log sensitive data temporarily while recording and tracking processes for a particular transaction. Doing so can help accelerate troubleshooting in the future, but when the PII is not removed after testing, it gets recorded in the database, and if access to that database is not controlled, the associated sensitive information is left at risk.
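The debug-logging case above can keep its troubleshooting value without storing the raw identifier. The following is an added example, not code from the article or from any Cisco product: a Python `logging` filter that swaps SSNs and email addresses for keyed, stable tokens so entries can still be correlated. The regular expressions, the key and the logger name are assumptions made for illustration.

```python
import hashlib
import hmac
import io
import logging
import re

# Assumed patterns for two identifiers the article names (SSN, email address).
SSN_RE = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")
# Constructed key for this example; a real deployment would load a secret.
TOKEN_KEY = b"example-only-key"


def pseudonym(kind: str, value: str) -> str:
    """Return a keyed token that is stable per identifier but not reversible."""
    digest = hmac.new(TOKEN_KEY, value.lower().encode(), hashlib.sha256).hexdigest()
    return f"<{kind}:{digest[:12]}>"


def scrub(text: str) -> str:
    text = SSN_RE.sub(lambda m: pseudonym("ssn", m.group()), text)
    return EMAIL_RE.sub(lambda m: pseudonym("email", m.group()), text)


class PiiFilter(logging.Filter):
    """Scrub the fully formatted message so %-style arguments are covered too."""

    def filter(self, record: logging.LogRecord) -> bool:
        record.msg = scrub(record.getMessage())
        record.args = None  # already merged into msg above
        return True


def demo() -> list:
    buf = io.StringIO()  # in-memory sink so the example runs offline
    handler = logging.StreamHandler(buf)
    handler.addFilter(PiiFilter())
    log = logging.getLogger("checkout-demo")  # hypothetical logger name
    log.handlers = [handler]
    log.propagate = False
    log.setLevel(logging.DEBUG)
    # Constructed debug entries of the kind described above.
    log.debug("payment retry for %s", "jane.doe@example.com")
    log.debug("lookup failed ssn=123-45-6789 user=Jane.Doe@example.com")
    return buf.getvalue().splitlines()


if __name__ == "__main__":
    print(*demo(), sep="\n")
```

Both entries carry the same email token, so a transaction can still be traced across log lines while the stored text no longer contains the address or the SSN.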
Visibility is key for maintaining data security
More than half (58%) of technologists recently surveyed admit their organizations experience “security limbo” because they don’t know what to focus on and prioritize at any given time. This creates significant potential for technologists to lose control of where data sits within their application portfolios and opens a huge data security risk for the volumes of sensitive data within many of these applications. Monitoring can provide alerts across the application stack, but without the business context needed to prioritize remediation based on business impact, where to start remains a guessing game. The true differentiator lies in leveraging observability tools across application performance and security that enable teams to see anomalies in real time and gain insights to take action based on a vulnerability’s potential to impact business priorities.
For more security insights, read the latest Cisco AppDynamics research, “The shift to a security approach for the full application stack,” and stay tuned for additional blogs that cover data security enforcement strategies and attack mitigation best practices.