Those of us in the U.S. have just witnessed an exhilarating Super Bowl 50, one of the country’s most-watched broadcasts. Congratulations to the Denver Broncos! The Super Bowl clearly illustrates that it takes teamwork and a superstar team to win the ultimate prize.
Have you ever wondered what a data security superstar team looks like? We aren’t talking about the security operations center (SOC), which employs security intelligence tools such as SIEM, network forensics and sandboxing technologies. We are looking at security teams managing security solutions such as IBM Security Guardium, data loss prevention (DLP), encryption and data-centric security solutions that work closely with the IT organization and line-of-business (LOB) owners. Can the team be complemented by a managed security services provider (MSSP)?
We have discussed the importance of investing in data security solutions and balancing two complementary solutions, data activity monitoring and DLP. Now let’s examine how we assemble the data security superstar team to protect your organization’s crown jewels.
The Data Security Superstar Team
Instead of listing the specific number of individuals needed, it is important to understand the roles that will help you run an effective data security program. For a smaller team, an individual may wear several hats, but it is important to stress the segregation of duties and controlled access to the data security solution.
Data Security Administrator
The data security administrator is responsible for the data security solution and will require training and prior experience with the solution. This individual will need to work with the IT infrastructure team to deploy the solution according to the architecture and deployment plan.
Communication is also very important for this role, since collaboration with the IT deployment team, the database and application teams, the Active Directory or Lightweight Directory Access Protocol (LDAP) teams and the information security team will be required. Additionally, for data security solutions like DLP, coordination with the email/messaging and endpoint teams is needed. The data security admin will also assist in integration and automation of the data security solution.
Data Security Access Manager
This role is responsible for setting the right role-based access control for the team. This prevents situations such as the data security admin gaining access to sensitive data or the incident reviewer changing data security policies.
Security and Policy Administrator
The security and policy administrator configures the rules and policies for the data security solution. The security admin will need to understand the technical aspects of the IT elements involved to successfully apply the policies. For example, he or she must understand database constructs to apply the right data activity monitoring and encryption policies.
Alert, Report and Incident Reviewer
The alert, report and incident reviewer will consume the output of the data security solution following the established workflow and processes. For example, he or she will be reviewing DLP incidents and taking the appropriate remediation actions. This role provides feedback within the solution for the security administrator to adjust policies accordingly.
Line-of-Business and Data Owner
LOB and data owners work closely with the security administrator to define the right detection rules for data. This may include database administrators, application administrators and other administrators of data repositories.
Legal and Compliance Officer
This is an advisory role to help the security administrator build the right rules and policies according to a compliance mandate. The compliance officer will also review processes such as auditing requirements.
Partnering With a Managed Security Services Provider
A good data security solution with built-in roles and a well-defined role-based access control configuration can help guide you in defining the data security superstar team. But how do you find them?
The challenge of the cybersecurity skills shortage is not new. How can you build the data security superstar team in this environment given the number of roles that need to be filled? Partnering with an MSSP leader can help complement your data security team and encourage them to be superstars in your organization.
To find the right partner, focus on MSSPs that understand the difference between network-centric and data-centric security solutions and approaches. The MSSP should have the right data security skill set. It also needs to know how to build a team for you and how to integrate the team, processes and workflow with your existing security infrastructure.
How Can I Learn More?
To learn more about data security, please join me and my colleagues at IBM InterConnect 2016 in Las Vegas from Feb. 21–25. I will be hosting an engagement center session at the IBM Security booth No. 314 on Wednesday, Feb. 24, at 1:30 p.m., titled “Why You Should Invest in Data Security and Managed Data Protection Services.”
You can also watch the on-demand webinar “Is Your Security Staff Addressing the Top Three Data Protection Challenges Today?” at your convenience.
Senior Product Manager, IBM