The Evolving Data Security Landscape

As with most things, change is inevitable. In IT the velocity of change (velocity of innovation if we want to be cool) increases exponentially almost daily. To use some Forrester terminology, another “wave” of change is crashing on the beach of marketing and hype (Gartner) as technologies continue to merge and evolve.

I would argue that these so-called “innovative” changes are actually fully-grounded in evolutionary business change that is incremental but also inevitable. Recently I have witnessed the gloming (perhaps it is munging) of technology stacks into some new groups (have to make money you know), including Data Protection and Data Ops, to name just a couple.

Data Loss Prevention (DLP) and User Entity Behavior Analytics (UEBA) tool capabilities are now being included in other technology stacks as the next generation of data-in-motion tools mature. Some of the leaders in strategy and market analysis have actually discontinued these tools as separate technology/tool categories.

So, what does all this mean, at least to me. 

Clearly realization of the data economy has arrived. Data IS the new oil. It has always been around, but now, with the operationalization of Intelligent Automation around Big Data and harvesting behavioral patterns, the value, and with it the scrutiny and responsibilities of managing data are in full view. Whether it is another data breach resulting in the “admitted” loss of mega-amounts of personal data (including my own), or the realization that computers are better than humans at identifying patterns, making consistent choices based on policies and parameters and doing it much faster, managing the implications and deriving business value to gain and maintain market advantage are essential to remain competitive or even sustainable in this new economy.

But wait, here comes the government and with it the cost of ensuring their citizens are taken care of, at least on paper, and the impact to the cost of trade for doing business in their country, state or republic. Enforcement becomes the issue and compliance the objective, with regulatory and fiduciary responsibility soon to follow.

Fortunately, this is not a new cycle. Business and data have been around as long as man. The new digital business models required to manage the velocity of change together with the operationalization of cloud technologies simply need to adopt new methodologies that include automatically identifying sensitive data (data that is required or desired to be managed) and marking it in a way that both users and machines can clearly and easily see what it is and manage it accordingly.

Once discovery and classification of sensitive data is accomplished (accurately) companies can then define the automated remediation requirements that fit their business model. Demonstrating compliance and due diligence become a reality. Automated remediation (protection) enables companies to become proactive, over time predictive and to ensure they are protected and, here is the difference, prove it to both the individual customers and the world.

Spirion software is a prime example of the type of specialized tool that enables rapid operationalization of protecting sensitive data.

The beat goes on..