Light Dark
November 14, 2017 By Laurène Hummer 3 min read

Sensitive data is everywhere, in every form. Whether structured or unstructured, big or small, in the cloud or on-premises, data is now a foundational pillar of our economy. If we have learned anything from the string of data breaches on the front page of the news in recent months, it is that our sensitive data is exposed to more internal and external threats. Data risk is higher than ever before.

Two Disconnects, One Big Problem

Because of the diversity of data types and storage locations, there is no longer a single platform to protect, and no single technology that will do it. A natural consequence is that, in most organizations, many different point solutions are used to protect ever-increasing and ever-moving troves of dynamic data. When the landscape becomes so complex, it is not surprising that data protection measures like discovery, classification, hardening and monitoring are neglected. Without a lens into these processes, gaps can occur, allowing attackers to find footholds.

These gaps emerge in two critical areas. The first is the well-known horizontal disconnect between point technology solutions. Without the right integrations between them, it is not possible to systematically spot issues and establish accurate security metrics.

The second gap is vertical in nature: When reporting up to C-suite executives, these security metrics don’t mean much to the nontechnical audience, in part because they lack the real-time information to show the relative business value of data and its potential vulnerabilities. The result is that executives are not able to get an accurate picture of the risks across the organization and are not able to prioritize actions to limit exposure.

Introducing IBM Data Risk Manager to Uncover, Analyze and Visualize Data-Related Business Risks

Today, IBM Security is announcing the release of IBM Data Risk Manager, an integration platform that aims to bridge those horizontal and vertical gaps. This manager provides executives and their teams a business-consumable data risk control center, helping to uncover, analyze and visualize data-related business risks so they can take action to protect their business. It leverages the capabilities of Agile 3 Solutions, a February 2017 IBM acquisition, and enables organizations to:

  • Identify specific, high-value, business-sensitive information assets. Leveraging inputs from IBM Security Guardium, IBM Information Governance Catalog and Symantec DLP, Data Risk Manager is an integration platform that provides an end-to-end view of all business metadata associated with sensitive information assets, including applications, processes, policies, procedures, controls, ownership and more.
  • Gain early visibility into potential risks to data and processes. The value of information assets can be correlated with threats, vulnerabilities, controls and business attributes to calculate a risk score, highlighting the parts of the business that are at risk.
  • Inform executives with a business-consumable data risk control center. This information is presented to executives in an intuitive dashboard, providing an end-to-end view of the security posture so that the right conversations between IT, security and the lines of business can take place to help improve business processes and mitigate data risks.

Data Risk Manager helps organizations ensure their many security tools operate in concert, with the right methodologies and business processes driving a horizontal integration between them. Security metrics are then translated to the language of data risk, enabling a conversation about potential data exposure at the executive level in the context of the business.

IBM Data Security Services Can Help Make Data Risk Manager Work for You

IBM Data Security Services offer delivery expertise to integrate Data Risk Manager with your existing technologies, using proven methodology and aligning with your business processes. Capturing the business context of your specific organization, our security specialists can help you build a bridge between security and the C-suite.

Register for the Dec. 6 Webinar: Do you speak risk? Bring Data Security to the C-Suite

 |  |  |  | 
Laurène Hummer
Offering Manager for IAM Services, IBM Security

More from

December 27, 2024

CISA’s cyber incident reporting portal: Progress and future plans

3 min read - On August 29, 2024, CISA announced the launch of a new cyber-incident Reporting Portal, part of the new CISA Services Portal.“The Incident Reporting Portal enables entities and individuals reporting cyber incidents to create unique accounts, save reports and return to submit later, and eliminate the repetitive nature of inputting routine information such as contact information,” says Lauren Boas Hayes, Senior Advisor for Technology & Innovation, at CISA.Shortly after the announcement, Security Intelligence reported on how the portal was designed and…

December 26, 2024

Apple Intelligence raises stakes in privacy and security

3 min read - Apple’s latest innovation, Apple Intelligence, is redefining what’s possible in consumer technology. Integrated into iOS 18.1, iPadOS 18.1 and macOS Sequoia 15.1, this milestone puts advanced artificial intelligence (AI) tools directly in the hands of millions. Beyond being a breakthrough for personal convenience, it represents an enormous economic opportunity. But the bold step into accessible AI comes with critical questions about security, privacy and the risks of real-time decision-making in users’ most private digital spaces. AI in every pocket Having…

December 24, 2024

Government cybersecurity in 2025: Former Principal Deputy National Cyber Director weighs in

4 min read - As 2024 comes to an end, it’s time to look ahead to the state of public cybersecurity in 2025.The good news is this: Cybersecurity will be an ongoing concern for the government regardless of the party in power, as many current cybersecurity initiatives are bipartisan. But what will government cybersecurity look like in 2025?Will the country be better off than they are today? What are the positive signs that could signal a good year for national cybersecurity? And what threats should…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature