As companies around the world turn their attention to advanced threats endangering their most sensitive data, one category is commanding much-deserved attention: insider threats. With 44.5 percent of attacks perpetrated by malicious insiders, guarding against these incidents is becoming a pressing concern.

An effective way to tackle insider threats is with an integrated approach that accomplishes two related goals. First, organizations need to reduce their exposure to insider threats by securing their critical data and governing their identities. Second, they need to monitor the actions of their authorized users to detect any anomalous behavior using security intelligence. In this post, we will focus on the first piece of that integrated approach: securing sensitive data.

To protect an organization’s most sensitive data, it is important to have a mature data security strategy in place. That strategy will help determine who owns the data, where it originated, how sensitive it is, what it can be used for and so on.

Protecting Critical Data in Five Easy Steps

Organizations can follow a systematic, five-step approach to protect their data with the highest business value, commonly known as crown jewel data, as depicted below:

1. Define

Taking time to understand the organization’s strategic goals and how data security fits into these goals will provide guidance to the overall data security program. The initial phase of the five-step approach should focus on assessing the organization’s goals and objectives and ensuring appropriate policies and standards are in place. Stakeholder interviews, reviews of data management policies and standards, and any other relevant existing documentation should be included in the assessment to understand the current capabilities.

As part of this phase, it is also important to obtain agreement among the various IT and business stakeholders on what the critical data is, the impact on the organization if that data is lost and the required security control baselines to protect that data.

2. Discover

Knowing where your critical data is located within the organization is an important step to ensure it is adequately protected with multilayered security controls. Without an understanding of where the critical data is stored, security controls would have to be implemented across all systems, whether or not a given system contains critical data, and that is not cost effective.

Once the organization’s current data environment is understood, a data discovery should be done across the organization’s structured and unstructured repositories to identify and classify critical data stored within those repositories. As these discovery results are gathered, a data catalog and taxonomy should be created to manage the findings. The data categories within the taxonomy should then be ranked using a defined process to understand what data is considered to be the crown jewels.

3. Baseline

Baselining is critical in understanding how much effort is needed to secure the data environment. Without a proper assessment of security controls, it’s impossible to know where the security gaps are located and what additional controls might need to be implemented to better protect critical data.

An assessment should be done to measure the maturity of the organization’s current data security controls and processes against the baselines established in the first phase. The results of this assessment can then be used to develop recommendations around both technology controls and processes that can enhance the overall protection of sensitive data.

4. Secure

During this phase, technical solutions will be designed and implemented to protect data. Based on the gaps discovered during the baseline assessment, a plan is developed to address risks to the crown jewels and implement updated data security controls that will meet the overall data protection objectives.

Typically, a road map is created to prioritize projects and implement solutions to secure the data environment. The outcome of this phase will ensure the crown jewels are adequately secured and risks to their security are remediated.

5. Monitor

We know that data is not static and that it moves across the organization. Also, new data is created every day. So having a process to detect new data and classify that data is crucial to maintaining the overall security of crown jewels.

A governance process should be established to ensure that all the above activities are repeated on a regular basis, depending on your goals and objectives — especially the data discovery activities from the second phase. Organizations should also be looking at capabilities to visualize the risk around data and make a data risk dashboard available to senior management for greater awareness.

Other activities should include developing monitoring checklists, training the team to manage the updated security process and establishing a communication plan to manage the processes around discovering and protecting crown jewels. It is also important to understand that as technologies change and new data threats arise, organizations should revisit their security policies periodically to validate the effectiveness of the controls.

Get Started Today

Based on IBM’s experience working with many clients embarking on the data security journey, we have developed a program known as the Critical Data Protection Program that follows the recommended five-step approach to protect sensitive data. The program has effectively assisted organizations in securing and monitoring critical data. IBM also provides a data risk dashboard capability that helps organizations visualize risks around their critical data and prioritize remediation activities.

