What is Data Security? Defined, Explained, and Trends
Director of Vation Intelligence
February 3, 2022
Data security describes the variety of practices and measures used to protect digital data from both accidental leaks and malicious exposure and exploitation. We teamed up with Arrow to break down what data security is, along with its processes and trends.
Digital data has a lifecycle. This lifecycle includes creation, sharing, storage, and destruction. All stages of this lifecycle require the data to be secured from unauthorized access and/or accidental exposure. A variety of data security practices exist to ensure that data is protected across each lifecycle stage. These measures include staff security awareness training and security tools empowered by associated security policies and procedures. Without data security, the data that runs the modern business would be vulnerable to exposure, theft, and ransomware attacks.
Why is data security important?
A report from DOMO shows that in 2021, 5.2 billion people were using the internet. To facilitate our internet and digital lives, data flows across cloud apps and platforms via mobile and IoT devices, as well as laptops, tablets, and desktop computers. An example of everyday data generation is the tsunami of emails sent and received each day: in 2020, the global number of emails amounted to 306.4 million. Consequently, there has never been more data in the world than there is now.
Data is valuable. This value is not lost on cybercriminals. Data greases the wheels of cybercriminal activity and much of the stolen data ends up for sale on the dark web. When a data breach occurs, the exposed data is used to perform ongoing cybercrimes. Data-related crimes include:
Ransomware: In 2020, 61% of companies were impacted by a ransomware infection, and 34% lost their data forever, even when the ransom was paid. During a ransomware attack, data is not only encrypted but often stolen; cybercriminals use the stolen data to put pressure on an organization to pay the ransom, while threatening to expose sensitive and personal data.
Identity theft: The Federal Trade Commission (FTC) received 4.8 million identity theft and fraud reports in 2020. This figure was an increase of 45% over 2019 figures.
Fraud: Stolen financial and personal data is used to commit fraudulent acts such as taking out loans on behalf of victims. The TransUnion Global Consumer Pulse Study found that one-third of global consumers have been targets of digital fraud. Much of this fraud is based on stolen personal and financial data.
Data security provides the tools and measures to prevent data-related cybercrime.
What are the technologies that support data security?
A variety of security tools have been developed to counteract data-related cyber-attacks. Some examples include:
Data Access Governance (DAG)
You cannot protect what you cannot see. Centralized Data Access Governance (DAG) tools provide visibility to data across a corporate network. DAG tools scan across network locations, including cloud apps and repositories, to discover structured data (e.g., relational databases) and unstructured data (e.g., emails). Once data has been located, a typical DAG tool can then analyze and apply appropriate, risk-based access rights to the data.
Data Discovery & Classification
Data discovery is a vital part of data governance. Once data has been discovered across the corporate network using a tool such as a DAG solution, it needs to be classified. Data classification is used to identify the type of discovered data and the level of sensitivity/value of this data. Typically, this data will be assigned a classification status based on pre-defined rules or keywords. For example, data may be classified as public, confidential, internal use only, etc. Classifying data allows an organization to apply appropriate risk-based data security measures.
Data Loss Prevention (DLP)
Data Loss Prevention (DLP) software is used to stop accidental or malicious leakage of sensitive data. DLP software applies a set of rules to detect, monitor, and prevent data from being transferred outside a corporate boundary. If DLP software detects a potential data leak, it will send out an alert and block the exit of the identified data leak. DLP software is used to enforce data protection regulations such as HIPAA and PCI DSS.
Database Activity Monitoring (DAM)
Databases can contain substantial amounts of sensitive data. Database Activity Monitoring (DAM) is achieved using a suite of tools geared towards relational database management systems (RDBMS). A DAM monitors database user activity, looking for unusual or fraudulent activity.
Encryption uses mathematical methods to secure data. The data is encoded using an encryption algorithm. The resulting text, known as 'ciphertext,' is scrambled and seemingly unreadable. The process to encode data is known as cryptography. There are a variety of encryption algorithms, but the most robust are those that have been tried and tested by the standards community. An example of an established encryption algorithm is the Advanced Encryption Standard (AES). Encryption can be 'symmetric' or 'asymmetric.' Symmetric encryption uses the same key for both encryption and decryption, while asymmetric encryption requires a pair of matched keys: a public key for encryption, and a private key for decryption.
Enterprise Rights Management (ERM)
Data resides across an expanded network that includes cloud apps, data centers, mobile devices, and IoT devices. Staff, non-employees, suppliers, etc., must be able to access, share, and collaborate using this data. An Enterprise Rights Management (ERM) platform can be used to ensure that data access and use are controlled and appropriate to need. ERM tools can provide mechanisms to protect data as it is accessed, enforce the use of data on a user's device, and control access to, as well as the editing of, files and other data in the cloud.
File Integrity Monitoring (FIM)
A change in a file could be a signal that a cyber-attack is underway. A File Integrity Monitoring (FIM) platform monitors file activity across a network to detect changes. FIM looks at any file changes, how the change occurred, who made the change, and if that change can be rectified.
What are the trends in Data Security Technology?
The cyber-threat landscape is continuously evolving, as the cybercriminals behind the attacks are constantly changing tactics to evade detection. In response, cybersecurity solution vendors are employing novel ways to detect data security threats. Some of the latest trends in the data security technology arena include:
If an organization wishes to perform analytics or make changes to encrypted data, the data needs to be decrypted first using a secret key. This could take the form of either a manual intervention by the data owner or a webserver being provided with the secret key. This process adds potential security and privacy weaknesses or usability issues as data must be downloaded and decrypted locally before an operation can be performed. Homomorphic encryption allows data to be used without having to decrypt it first.
Two companies making headway in this complex area of data security are Baffle and Duality. Baffle is forging ahead by enabling wildcard searches across encrypted data and providing mathematical computation on AES encrypted data. By doing so, Baffle provides data protection across the entire data lifecycle from data-at-rest to in-use, as well as in-memory and the search index. Duality specializes in a ground-breaking technology known as fully homomorphic encryption (FHE). Duality recently won a large contract with DARPA to explore new hardware that can optimize the resource-intensive needs of homomorphic encryption, making the technique more commercially attractive.
Traditional firewalls are used to protect the corporate network. However, as cloud computing took off and data began to flow across an expanded connected network, these traditional firewalls were no longer enough. Data firewalls provide a more granular approach to data protection by creating virtual firewalls around data objects. For example, Symmetry Systems is a Data Store and Object Security (DSOS) provider that delivers visibility and unified access control of data assets. Their core offering, DataGuard, is used to create a Zero Trust architecture that controls access to data wherever it resides. Another data firewall vendor to watch is Cyral, which delivers 'data layer' protection. Cyral has a REST API used to examine, normalize, and analyze requests for access to sensitive data. The service then automatically generates policies that baseline normal behavior, which can be used to spot anomalies.
Backup and restore
One of the best practice methods for minimizing the impact of a ransomware attack is to use secure backup and restore software. A resilient and secure backup system also applies to managing data-related issues during natural and human-made disasters. Two innovative companies in this space are Rubrik and Cohesity. Both Rubrik and Cohesity offer solutions in the form of Backup-as-a-Service (BaaS). Rubrik describes its solution as offering 'immutable backup;' that is, the backed-up data is fully protected against threats such as ransomware as it cannot be altered. Cohesity focuses on making backups easy and flexible and offers integrated support for Office 365.
Ensuring that data is privacy-enhanced is a complex area covering everything from user consent to data minimization and data protection. Regulations such as the EU's GDPR and California's CCPA/CPRA have driven the data privacy landscape. New vendors are offering highly innovative and practical solutions to help companies maintain compliance with these regulations. Two such vendors to watch in the privacy space are Wirewheel and Securiti.ai. Wirewheel offers a privacy hub that can be used to enable Privacy by Design (PbD) to make sure products and services are built to security standards from the start. The platform also creates the documentation needed for regulatory compliance. Securiti.ai uses artificial intelligence (AI) to power privacy decisions. Securiti.ai's system visualizes data across an expanded network to locate potential privacy violations and enforce data protection.
What are CXO priorities in data security?
Cybersecurity threats and the associated countermeasures offered by security vendors make for an ever-changing security landscape. C-Level information security professionals must understand this complex matrix to deliver prioritized decisions. Some of the critical areas that a C-Level executive should focus on are:
Upping the data volume
Modern enterprises generate massive amounts of data. Analyzing this data can help companies deliver better customer experiences and ensure they are maintaining a competitive edge, as well as give them innovation options. However, all this data, coupled with the increased complexity of modern cyber-attack tactics, increases the chances of a data breach. C-Level executives should use a data-first strategy when deciding which products to choose to manage security threats.
Online data vulnerability
As digital transformation takes hold, data increasingly migrates to online services. This movement of data into an online sphere improves accessibility but also increases the vulnerability of data. The latest OWASP Top Ten Web Vulnerabilities research lists broken access control, sensitive data exposure, and cryptographic failures in its top three vulnerable areas. Web application security and the threats to data handled via web apps must be a key area of security policy focus.
The expanded dataverse
The Covid-19 pandemic made remote working largely mandatory, and in doing so, rapidly increased the use of BYOD (Bring Your Own Device) and cloud services. Enabling access to enterprise applications via personal devices is also expected to continue for the near future. However, the use of personal devices to access corporate cloud apps increases the susceptibility of systems. Organizations should look at ways to manage their mobile real estate across the expanded corporate network. Data visibility tools can help establish where data resides and how to best protect that data, even within a BYOD environment. Security policies must include measures to cover the protection of data across mobile devices.
The weakest link in the supply chain
An ENISA study into supply chain vulnerabilities found that 58% of attacks focused on access to data, with 62% of attacks manipulating customers' trust in the supply chain.
The 2020 SolarWinds breach highlighted the risks that suppliers can bring to a vendor ecosystem. SolarWinds is a vendor that delivers software to a network of clients. Hackers exploited vulnerabilities in the SolarWinds software upgrade process to deliver malware to clients. Tightly integrated supply chains increase the risk from the weakest link in that chain. Any vendor with a vulnerability can become weaponized by hackers to infect the rest of the chain. Accidental data leaks can also occur down the chain unless carefully managed. Therefore, supply chain risk management must be a key priority to address the potential for exploitation leading to data exposure.
Cloud storage and robust backups
Data backup must be robust, reliable, and resilient. Modern businesses rely on cloud storage as this is cost-effective and managed as-a-Service, often via a Managed Service Provider (MSP). As ransomware persists as a serious threat, having a robust backup system in place is vital to ensure business continuity.
Security Awareness Training programs
Many data security threats come in the form of human behavior manipulation, such as phishing and social engineering. A 2021 Thales survey ranked phishing as the third-highest data threat concern, with malware and ransomware - both of which are typically initiated by phishing - in first and second place, respectively. By making staff and other associated users, such as consultants and suppliers, aware of security threats, an organization's security posture can be improved. Security Awareness Training programs typically involve education in areas including phishing and security hygiene while providing training in how to spot social engineering scams.
Business Continuity/Disaster Recovery/Restore
Data keeps a company's wheels turning, so any interruption to that can have a disastrous impact on business. Business continuity planning is an integral part of managing risk across a business, especially considering increasing attacks on data. One area that is trending is Disaster Recovery-as-a-Service (DRaaS). DRaaS platforms are typically provided by specialist MSPs who provide the cloud-computing infrastructure to deliver data protection and recovery in the event of a data disaster.
Data security and intelligence
The massive amounts of generated data lend well to technologies enabled by artificial intelligence (AI) and its subset, machine learning (ML). The more available data, the smarter the AI-enabled security defense systems become. Security technologies that are AI-enabled offer predictive analytics to cope with evolving malicious technology and the move from human-scale to data-scale cyber threats.