Dhruv Khanna, Cofounder & CEO, Data Resolve
“Data flow analysis, unless followed on an ongoing basis by a neutral system, is effective; otherwise, follow an audit approach to onboard a DLP strategy.”
In the world of cybersecurity, data exfiltration has been creating havoc for security teams for a long time.. The loss of sensitive data has caused a lot of harm to many organisations. In fact, many security professionals across various sectors have experienced at least one data breach in recent years. With the advancement in the world of technology and digitalization, we have learned about the importance of data but, more importantly, how it can be misused. What we are dealing with today is just the aftermath of that.
Data security is considered an essential part of data management. Securing sensitive data is very important, and proper management helps ensure your vital data is never lost and stays protected. According to a recent insider threat report, 90% of organisations are vulnerable to data exfiltration, while 50% have already experienced it in the past year.
Data is classified as a new oil and is very expensive to secure on account of the change in the data exfiltration threat landscape.
The big question that CXOs are facing is how to reduce exposure to data leakage. But let’s understand why this has surfaced again. Post-COVID, data is no longer restricted to devices; it is disseminated across applications, web services, ported to the cloud, exchanged via WhatsApp or other messaging tools, and uploaded on GitHub. There is a sudden advent of new applications and tools that, on the one hand, ease doing business, but on the other hand, offer an opportunity to leak information.
What strategy should be adopted ideally?
- First, create a use case library, i.e., key data leak exposure parameters.
- Explore legacy, homegrown application stacks that are vulnerable to data leaks.
- A phased approach to follow to roll out the data leak strategy encompassing business processes, internal stakeholders, and external partners Have a documented approach to rolling out
- Explore how co-creation can help address use cases.
- Data flow analysis, unless followed on an ongoing basis by a neutral system, is effective; otherwise, follow an audit approach to onboard a DLP strategy.
- Have a DLP audit done with the partner or OEM on a bi-annual basis.
Remember, no single tool can solve your data exfiltration problem, and no DLP product offers the same use cases. Choose your stack that offers you data leak protection against business use cases specific to you.
About the author:
Dhruv Khanna, Cofounder & CEO, Data Resolve
With over 20 years of experience in Enterprise Security and Privacy Service Industry, Dhruv Khanna – an Executive Management Alumnus from IIMC, is successfully leading to build a robust environment to achieve a Cyber Secured Indian Market. Before joining Data Resolve, Dhruv was associated with IBM for six years as India-South Asia Service Line Leader for security and privacy services.