February 9, 2016 By Mark Wah 3 min read

Those of us in the U.S. have just witnessed an exhilarating Super Bowl 50, one of the country’s most-watched broadcasts. Congratulations to the Denver Broncos! The Super Bowl clearly illustrates that it takes teamwork and a superstar team to win the ultimate prize.

Have you ever wondered what a data security superstar team looks like? We aren’t talking about the security operations center (SOC), which employs security intelligence tools such as SIEM, network forensics and sandboxing technologies. We are looking at security teams managing security solutions such as IBM Security Guardium, data loss prevention (DLP), encryption and data-centric security solutions that work closely with the IT organization and line-of-business (LOB) owners. Can the team be complemented by a managed security services provider (MSSP)?

We have discussed the importance of investing in data security solutions and balancing two complementary solutions, data activity monitoring and DLP. Now let’s examine how we assemble the data security superstar team to protect your organization’s crown jewels.

The Data Security Superstar Team

Instead of listing the specific number of individuals needed, it is important to understand the roles that will help you run an effective data security program. For a smaller team, an individual may wear several hats, but it is important to stress the segregation of duties and controlled access to the data security solution.

Data Security Administrator

The data security administrator is responsible for the data security solution and will require training and prior experience with the solution. This individual will need to work with the IT Infrastructure team to deploy the solution, given the architecture and deployment plan.

Communications is also very important for this role since collaboration with the IT deployment team, the database and application teams, the active directory or lightweight directory access protocol teams and the information security team will be required. Additionally, for data security solutions like DLP, coordination with the email/messaging and endpoint team is needed. The data security admin will also assist in integration and automation of the data security solution.

Data Security Access Manager

This role is responsible for setting the right role-based access control for the team. This prevents situations such as the data security admin gaining access to sensitive data or the incident reviewer changing data security policies.

Security and Policy Administrator

The security and policy administrator configures the rules and policies for the data security solution. The security admin will need to understand the technical aspect of IT elements to successfully apply the policies. For example, he or she must understand database constructs to apply the right data activity monitoring and encryption policies.

Alert, Report and Incident Reviewer

The alert, report and incident reviewer will consume the output of the data security solution following the established workflow and processes. For example, he or she will be reviewing DLP incidents and taking the appropriate remediation actions. This role provides feedback within the solution for the security administrator to adjust policies accordingly.

Line-of-Business and Data Owner

LOB and data owners work closely with the security administrator to define the right detecting rules for data. This may include database administrators, application administrators and other administrators of data repositories.

Legal and Compliance Officer

This is an advisory role to help the security administrator build the right rules and policies according to a compliance mandate. The compliance officer will also review processes such as auditing requirements.

Watch the webinar: Is Your Security Staff Addressing the Top 3 Data Protection Challenges?

Partnering With a Managed Security Services Provider

A good data security solution with built-in roles and a well-defined role-based access control configuration can help guide you in defining the data security superstar team. But how do you find them?

The challenge of the cybersecurity skills shortage is not new. How can you build the data security superstar team in this environment given the number of roles that need to be filled? Partnering with a MSSP leader can help complement your data security team and encourage them to be superstars in your organization.

To find the right partner, focus on MSSPs that understand the difference between network-centric and data-centric security solutions and approaches. The MSSP should have the right data security skill set. It also needs to know how to build a team for you and how to integrate the team, processes and workflow with your existing security infrastructure.

How Can I Learn More?

To learn more about data security, please join me and my colleagues at IBM InterConnect 2016 in Las Vegas from Feb. 21–25. I will be hosting an engagement center session at the IBM Security booth No. 314 on Wednesday, Feb. 24, at 1:30 p.m., titled “Why You Should Invest in Data Security and Managed Data Protection Services.”

You can also watch the on-demand webinar “Is Your Security Staff Addressing the Top Three Data Protection Challenges Today?” at your convenience.

More from Data Protection

How to craft a comprehensive data cleanliness policy

3 min read - Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential.But what does this involve, and how can you ensure your data cleanliness policy checks the right boxes? Luckily, there are practical steps you can follow to ensure data accuracy while mitigating the security and compliance risks that come with poor data hygiene.Understanding the 6 dimensions of…

Third-party access: The overlooked risk to your data protection plan

3 min read - A recent IBM Cost of a Data Breach report reveals a startling statistic: Only 42% of companies discover breaches through their own security teams. This highlights a significant blind spot, especially when it comes to external partners and vendors. The financial stakes are steep. On average, a data breach affecting multiple environments costs a whopping $4.88 million. A major breach at a telecommunications provider in January 2023 served as a stark reminder of the risks associated with third-party relationships. In…

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today