The role of a data security analyst isn’t an easy one. It has always been hard to address data security because of the volume, speed and variety of data in the IT landscape. However, over the last few years, the job of a data security analyst, focused on protecting sensitive or regulated data, has become harder than ever. Why?

Changes in the World of Data Security Analysts

Every business has become a technology company. With more tech comes more data and more risks. You should follow a compliance framework, depending on the industry. However, simply ‘checking off a box’ does not guarantee you are secure.

Businesses that focus on going digital and monetizing data have created a whole new level of data chaos and sprawl. More and more people grab and copy data to use in new apps, fuel new business processes and spin up more DevOps environments.

Data chaos — and loss of visibility and control of that data — occurs as data moves from on-premises environments to the hybrid cloud. From there, it sprawls across multiple cloud service providers. The shift to the cloud has created more data issues, too.

Cloud Migration

With cloud migration comes prized cloud data. It’s a resource that, according to Forrester’s Jennifer Belissent, is a moderate priority for 61% of organizations and a critical or high priority for 25%. The average cost of a data breach increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022. Does your data security team know where your data is or what it is? If not, you can’t protect it or meet compliance rules.

New compliance and data privacy regulations have created stress and strained IT resources. They require businesses to create and keep audit reports, and most data security analysts don’t know how to do so.

Plus, with the sprawl of data, some organizations fall into the old trap of siloed data security. They may try to use native data security tools that come with different cloud service providers to protect cloud data, with another solution bolted on to protect on-premises data. This fragmented approach to data security is not easy to manage. It creates gaps in insight that attackers can exploit to cause a breach.

All these factors work together to create today’s complex work environment for the data security analyst. Chief data officers (CDOs) and chief information security officers (CISOs) should partner to develop data strategies that bolster innovation while cutting down on risk. By lending their expertise, CISOs can help CDOs strengthen security controls for sensitive data. At the same time, they can increase access to other important types of data.

New Data Security Requirements

With the new data security challenges to overcome, these six tips help ensure your data security strategy can keep up with today’s complex data landscape and security requirements:

  1. Create and manage compliance and data security policies from one central place, with a holistic view. Organizations also need to enforce those policies equally across on-premises and cloud data sources.
  2. Use real-time activity monitoring for both on-premises and cloud data sources. Protect mission-critical data in real-time, no matter where it is located.
  3. Employ an orchestrated response, deploy open integration, reduce complexity and develop skills. The more complex and difficult the data landscape becomes, the greater the need to have a data security solution that can adapt. It needs to automate tasks such as enforcing policies, connecting responses with the security operations center and opening an incident response ticket. The harder it is to do these things — and the more time and effort data security analysts have to take to do manual and custom work — the less time they have to spend on securing and protecting the data and the business.
  4. Develop flexible support in a changing data landscape. Users can become frustrated when security solutions only support a finite set of capabilities and data sources. Such solutions cannot adapt to business needs as sensitive and regulated data flows throughout the environment. Having a solution that can adapt is key.
  5. Support agentless monitoring for audit requirements. As data sources expand, it becomes harder and more expensive to deploy real-time agent-based monitoring for every data source across the data landscape. Reserve agent-based monitoring for sensitive or regulated data in mission-critical data sources that need real-time protection. What about data sources that simply need to be monitored and reported on for audit purposes? In that case, it is acceptable and less expensive to use an agentless approach.
  6. Use automated discovery and classification for all data (unstructured and structured). Organizations should discover and classify their sensitive and regulated data. That way, they can triage their data security program and take a strategic approach. It is also important to know where structured and unstructured data is located. Repeat the discovery process over time, because data is constantly moving. You need to be able to find and protect it wherever it goes.
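Tips 5 and 6 combined, as an added example that is not IBM or Guardium code: it classifies constructed structured and unstructured samples, uses a Luhn check to discard digit runs that only look like card numbers, and assigns agent-based monitoring only to findings in a mission-critical source. All table, file and label names, and the `MISSION_CRITICAL` set, are assumptions made for the illustration.

```python
import re

# Constructed sample data (not from any real system).
TABLES = {"orders": [
    {"id": "1001", "card": "4111 1111 1111 1111", "note": "gift wrap"},
    {"id": "1002", "card": "5500-0000-0000-0004", "note": "call 555-0100"},
]}
FILES = {
    "support_ticket.txt": "jane@example.com paid with 4111111111111111.",
    "release_notes.txt": "Build 1234567890123456 shipped on schedule.",
}
MISSION_CRITICAL = {"orders"}  # assumption: sources needing real-time protection

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
EMAIL_RE = re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b")

def luhn_ok(digits):
    """Luhn checksum: filters out random digit runs that merely look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def classify(text):
    """Return the set of sensitive-data labels found in one value or document."""
    labels = set()
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"\D", "", m.group())
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            labels.add("payment_card")
    if EMAIL_RE.search(text):
        labels.add("email")
    return labels

def discover(tables, files):
    """Scan structured columns and unstructured files; map location -> labels."""
    findings = {}
    for table, rows in tables.items():
        for row in rows:
            for col, val in row.items():
                if labels := classify(str(val)):
                    findings.setdefault(f"{table}.{col}", set()).update(labels)
    for name, text in files.items():
        if labels := classify(text):
            findings[name] = labels
    return findings

def plan_monitoring(findings, mission_critical):
    """Agent-based only where sensitive data sits in a mission-critical source."""
    return {loc: "agent" if loc.split(".")[0] in mission_critical else "agentless"
            for loc in findings}
```

Re-running `discover` on a schedule and comparing the returned mapping with the previous run shows where sensitive data has newly appeared as it moves.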

While the basics of data security remain the same, your data security analyst needs more support today from your solutions than they needed in the past.

Today’s Support Solutions

With the evolution of Guardium, IBM Security is prepared to support the evolving role of the data security analyst, address these challenges and work with you to future-proof your organization. IBM Security Guardium is a modern, scalable data security platform. It protects sensitive and regulated data across multiple cloud environments while managing compliance obligations, discovering where sensitive data lives, encrypting and monitoring what’s important and reducing risks while responding to threats.

If you’d like to learn more about our recent releases, Guardium Insights 3.2 and Guardium Data Protection 11.5, join us for the upcoming webinar on Thursday, Oct. 6, 2022, at 1:00 p.m. EDT. Find more about Guardium here.
