EXECUTIVES & ARCHITECTS
A security architect or CISO needs to pro-actively manage data risk.
How is data protected vs. exfiltration and ransomware — what initiative should we drive this quarter?
Ideally, each data object across data stores will have a logical data firewall — i.e., is protected via access control, encryption, back-up, and monitored via a behavioral model. Quantify the benefits of interventions such as data encryption, tighter IAM policies, dark data removal, etc.
Which data-owners and product teams have to be notified, if any, and what is the RoI from an intervention?
Show data that is not fire-walled, especially prioritized by regulated data (PCI, PII, PHI, etc); or data accessible via over-privileged; or data that is lying unprotected, not backed up, unused, etc. This evidence guides data owners to best protect data.
Data-security, governance, and compliance teams have to learn ground-truth about data stores and objects without slowing down product teams and analysts.
Where in a hybrid cloud is the most at-risk data?
Starting with PCI, PII, PHI, and including customer records and corporate secrets.
Which identities — applications, service roles, employees, or end-users — are creating the risk?
Learn how user and application identities work with data objects to construct data firewalls. Highlight data that is at risk while enabling analysts or data-owners to dig into the evidence.
What data objects were involved in an incident?
Provide ground-truth list of specific data objects that could have been involved in a potential breach or security incident.