Light Dark
November 14, 2017 By Laurène Hummer 3 min read

Sensitive data is everywhere, in every form. Whether structured or unstructured, big or small, in the cloud or on-premises, data is now a foundational pillar of our economy. If we have learned anything from the string of data breaches on the front page of the news in recent months, it is that our sensitive data is exposed to more internal and external threats. Data risk is higher than ever before.

Two Disconnects, One Big Problem

Because of the diversity of data types and storage locations, there is no longer a single platform to protect, and no single technology that will do it. A natural consequence is that, in most organizations, many different point solutions are used to protect ever-increasing and ever-moving troves of dynamic data. When the landscape becomes so complex, it is not surprising that data protection measures like discovery, classification, hardening and monitoring are neglected. Without a lens into these processes, gaps can occur, allowing attackers to find footholds.

These gaps emerge in two critical areas. The first is the well-known horizontal disconnect between point technology solutions. Without the right integrations between them, it is not possible to systematically spot issues and establish accurate security metrics.

The second gap is vertical in nature: When reporting up to C-suite executives, these security metrics don’t mean much to the nontechnical audience, in part because they lack the real-time information to show the relative business value of data and its potential vulnerabilities. The result is that executives are not able to get an accurate picture of the risks across the organization and are not able to prioritize actions to limit exposure.

Introducing IBM Data Risk Manager to Uncover, Analyze and Visualize Data-Related Business Risks

Today, IBM Security is announcing the release of IBM Data Risk Manager, an integration platform that aims to bridge those horizontal and vertical gaps. This manager provides executives and their teams a business-consumable data risk control center, helping to uncover, analyze and visualize data-related business risks so they can take action to protect their business. It leverages the capabilities of Agile 3 Solutions, a February 2017 IBM acquisition, and enables organizations to:

  • Identify specific, high-value, business-sensitive information assets. Leveraging inputs from IBM Security Guardium, IBM Information Governance Catalog and Symantec DLP, Data Risk Manager is an integration platform that provides an end-to-end view of all business metadata associated with sensitive information assets, including applications, processes, policies, procedures, controls, ownership and more.
  • Gain early visibility into potential risks to data and processes. The value of information assets can be correlated with threats, vulnerabilities, controls and business attributes to calculate a risk score, highlighting the parts of the business that are at risk.
  • Inform executives with a business-consumable data risk control center. This information is presented to executives in an intuitive dashboard, providing an end-to-end view of the security posture so that the right conversations between IT, security and the lines of business can take place to help improve business processes and mitigate data risks.

Data Risk Manager helps organizations ensure their many security tools operate in concert, with the right methodologies and business processes driving a horizontal integration between them. Security metrics are then translated to the language of data risk, enabling a conversation about potential data exposure at the executive level in the context of the business.

IBM Data Security Services Can Help Make Data Risk Manager Work for You

IBM Data Security Services offer delivery expertise to integrate Data Risk Manager with your existing technologies, using proven methodology and aligning with your business processes. Capturing the business context of your specific organization, our security specialists can help you build a bridge between security and the C-suite.

Register for the Dec. 6 Webinar: Do you speak risk? Bring Data Security to the C-Suite

 |  |  |  | 
Laurène Hummer
Offering Manager for IAM Services, IBM Security

More from

May 6, 2024

Evolving red teaming for AI environments

2 min read - As AI becomes more ingrained in businesses and daily life, the importance of security grows more paramount. In fact, according to the IBM Institute for Business Value, 96% of executives say adopting generative AI (GenAI) makes a security breach likely in their organization in the next three years. Whether it’s a model performing unintended actions, generating misleading or harmful responses or revealing sensitive information, in the AI era security can no longer be an afterthought to innovation.AI red teaming is emerging…

May 3, 2024

What we can learn from the best collegiate cyber defenders

3 min read - This year marked the 19th season of the National Collegiate Cyber Defense Competition (NCCDC). For those unfamiliar, CCDC is a competition that puts student teams in charge of managing IT for a fictitious company as the network is undergoing a fundamental transformation. This year the challenge involved a common scenario: a merger. Ten finalist teams were tasked with managing IT infrastructure during this migrational period and, as an added bonus, the networks were simultaneously attacked by a group of red…

May 2, 2024

A spotlight on Akira ransomware from X-Force Incident Response and Threat Intelligence

7 min read - This article was made possible thanks to contributions from Aaron Gdanski.IBM X-Force Incident Response and Threat Intelligence teams have investigated several Akira ransomware attacks since this threat actor group emerged in March 2023. This blog will share X-Force’s unique perspective on Akira gained while observing the threat actors behind this ransomware, including commands used to deploy the ransomware, active exploitation of CVE-2023-20269 and analysis of the ransomware binary.The Akira ransomware group has gained notoriety in the current cybersecurity landscape, underscored…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature