January 27, 2016 By Gregg Barrow 2 min read

With data now moving freely among corporate networks, mobile devices and the cloud, today’s rapidly evolving threat landscape demands a more comprehensive approach to protecting sensitive information assets. As infrastructure expands to meet the needs of new services and technologies, companies must think beyond just their IT department. Specifically, organizations need to address and manage the significant enterprise risk that is data security.

How Do I Manage My Data Security Risk?

Protecting data through isolation is no longer an option, and simply adding additional security tools is not sufficient to contain the risks associated with today’s evolving threat environment. To successfully address and manage data security risk, organizations must take a data-centric approach to security, keeping the following concepts in mind.

Embracing a Data-Centric Approach

To manage the risks associated with today’s environment, organizations must make data-centricity a core component of their approach to security. IBM’s approach to data-centric security leverages the business value of data to determine and implement the appropriate level of information security.

By following this approach, organizations can overcome the tension that often exists between information security technology and business strategy objectives by linking security services directly to business processes and the data these services protect. The focus of a data-centric approach is to derive the right security level through a business analysis of the data being handled.

Following a Risk-Based Approach

Data security is consistently identified as a top enterprise risk in today’s world. However, the complexity and volume of data has many organizations struggling with how to begin managing this risk. The first step in implementing a data-centric approach to data security is to understand your organization’s level of risk through the identification and prioritization of sensitive information assets.

To do so, organizations must undertake a comprehensive data discovery and classification effort. Companies should start discovery and classification efforts within a single organizational function or line of business, leveraging software tools to automate the process wherever possible. Such an effort, although limited in organizational scope, should include both structured and unstructured data held across traditional and emerging repositories including databases, applications, cloud and big data environments.

Addressing the Full Data Life Cycle

In order to truly implement a data-centric approach to security, companies must manage sensitive information assets throughout their life cycle. Data flow mapping tools should be used to understand when and how data enters an organization and where it flows as it moves throughout the environment.

In addition, organizations should leverage data activity monitoring tools, supported by customized risk visualization dashboards, to actively monitor data security risk.

What Should I Do Next?

Are you ready to begin improving your data security? Follow these three steps:

  1. Work to understand the value of your data assets through various lenses, including financial, market and brand impact.
  2. Classify and prioritize your sensitive information assets.
  3. Create, implement and maintain a robust data security program.

More from Data Protection

3 Strategies to overcome data security challenges in 2024

3 min read - There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030.This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be right once to seize databases of personally identifiable information (PII), including payment card information, addresses, phone numbers and Social Security numbers.In addition to the ever-present cybersecurity threats, data security teams must consider the growing list of data compliance laws…

How data residency impacts security and compliance

3 min read - Every piece of your organization’s data is stored in a physical location. Even data stored in a cloud environment lives in a physical location on the virtual server. However, the data may not be in the location you expect, especially if your company uses multiple cloud providers. The data you are trying to protect may be stored literally across the world from where you sit right now or even in multiple locations at the same time. And if you don’t…

From federation to fabric: IAM’s evolution

15 min read - In the modern day, we’ve come to expect that our various applications can share our identity information with one another. Most of our core systems federate seamlessly and bi-directionally. This means that you can quite easily register and log in to a given service with the user account from another service or even invert that process (technically possible, not always advisable). But what is the next step in our evolution towards greater interoperability between our applications, services and systems?Identity and…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today