The role of a data security analyst isn’t an easy one. It has always been hard to address data security because of the volume, speed and variety of data in the IT landscape. However, over the last few years, the job of a data security analyst, focused on protecting sensitive or regulated data, has become harder than ever. Why?

Changes in the World of Data Security Analysts

Every business has become a technology company. With more tech comes more data and more risks. You should follow a compliance framework, depending on the industry. However, simply ‘checking off a box’ does not guarantee you are secure.

Businesses that focus on going digital and monetizing data have created a whole new level of data chaos and sprawl. More and more people grab and copy data to use in new apps, fuel new business processes and spin up more DevOps environments.

Data chaos — and loss of visibility and control of that data — occurs as data moves from on-premises environments to the hybrid cloud. From there, it sprawls across multiple cloud service providers. The shift to the cloud has created more data issues, too.

Cloud Migration

With cloud migration comes prized cloud data. It’s a resource that, according to Forrester’s Jennifer Belissent, is a moderate priority for 61% of organizations and a critical or high priority for 25%. The average cost of a data breach increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022. Does your data security team know where your data is or what it is? If not, you can’t protect it or meet compliance rules.

New compliance and data privacy regulations have created stress and strained IT resources. They require businesses to create and keep audit reports, and most data security analysts don’t know how to do so.

Plus, with the sprawl of data, some organizations fall into the old trap of siloed data security. They may try to use native data security tools that come with different cloud service providers to protect cloud data, with another solution bolted on to protect on-premises data. This fragmented approach to data security is not easy to manage. It creates gaps in insight that attackers can exploit to cause a breach.

All these factors work together to create today’s complex work environment for the data security analyst. Chief data officers (CDOs) and chief information security officers (CISOs) should partner to develop data strategies that bolster innovation while cutting down on risk. By lending their expertise, CISOs can help CDOs strengthen security controls for sensitive data. At the same time, they can increase access to other important types of data.

New Data Security Requirements

With the new data security challenges to overcome, these six tips help ensure your data security strategy can keep up with today’s complex data landscape and security requirements:

  1. Create and manage compliance and data security policies from one central place. Do this with a holistic view. They also need to enforce those policies equally across on-premises and cloud data sources.
  2. Use real-time activity monitoring for both on-premises and cloud data sources. Protect mission-critical data in real-time, no matter where it is located.
  3. Employ an orchestrated response, deploy open integration, reduce complexity and develop skills. The more complex and difficult the data landscape becomes, the greater the need to have a data security solution that can adapt. It needs to automate tasks such as enforcing policies, connecting responses with the security operations center and opening an incident response ticket. The harder it is to do these things — and the more time and effort data security analysts have to take to do manual and custom work — the less time they have to spend on securing and protecting the data and the business.
  4. Develop flexible support in a changing data landscape. Users can become frustrated when security solutions only support a finite set of capabilities and data sources. They cannot adapt to business needs as sensitive and regulated data flows throughout the environment. Having a solution that can adapt is key.
  5. Support agentless monitoring for audit requirements. As data sources expand, it becomes harder and more expensive to deploy real-time agent-based monitoring for every data source across the data landscape. Reserve agent-based monitoring for sensitive or regulated data in mission-critical data sources that need real-time protection. What about data sources that simply need to be monitored and reported on for audit purposes? In that case, it is acceptable and less expensive to use an agentless approach.
  6. Use automated discovery and classification for all data (unstructured and structured). Organizations should discover and classify their sensitive and regulated data. That way, they can triage their data security program and take a strategic approach. It is also important to know where structured and unstructured data is located. Repeat the discovery process over time, because data is constantly moving. You need to be able to find and protect it wherever it goes.

While the basics of data security remain the same, your data security analyst needs more support today from your solutions than they needed in the past.

Today’s Support Solutions

With the evolution of Guardium, IBM Security is prepared to support the evolving role of the data security analyst, address these challenges and work with you to future-proof your organization. IBM Security Guardium is a modern, scalable data security platform. It protects sensitive and regulated data across multiple cloud environments while managing compliance obligations, discovering where sensitive data lives, encrypting and monitoring what’s important and reducing risks while responding to threats.

If you’d like to learn more about our recent releases, Guardium Insights 3.2 and Guardium Data Protection 11.5, join us for the upcoming webinar on Thursday, Oct. 6, 2022, at 1:00 p.m. EDT. Find more about Guardium here.

More from Zero Trust

Effectively Enforce a Least Privilege Strategy

Every security officer wants to minimize their attack surface. One of the best ways to do this is by implementing a least privilege strategy. One report revealed that data breaches from insiders could cost as much as 20% of annual revenue. Also, at least one in three reported data breaches involve an insider. Over 78% of insider data breaches involve unintentional data loss or exposure. Least privilege protocols can help prevent these kinds of blunders. Clearly, proper management of access…

What CISOs Want to See From NIST’s Impending Zero Trust Guidelines

Cybersecurity at U.S. federal agencies has been running behind the times for years. It took an executive order by President Joe Biden to kickstart a fix across the agencies. The government initiative also serves as a wake-up call to enterprises lagging in getting zero trust up and running. Several organizations, including the Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Institute of Standards and Technology (NIST) responded to the president’s order with detailed…

Cost of a Data Breach: Infrastructure

During the pandemic, businesses and consumers saw firsthand what happens when infrastructure fails. In 2019, the global critical infrastructure protection (CIP) market size was valued at $96.30 billion. It is predicted to grow to $154.59 billion by 2027, with a CAGR of 6.2%. On top of that, each time an organization in a critical sector is the victim of any type of cybersecurity incident resulting in data loss, the event counts as a critical infrastructure data breach. Let's take a…

Companies Without Zero Trust Could Lose $1M More During a Data Breach

In recent years, the mindset for cybersecurity has shifted. It isn't a matter of if a company has a breach, but rather when a company has a breach. With the increase in cybersecurity incidents, most if not all companies will be victims of a data breach at some point. However, the latest research shows that organizations using zero trust can save more than $1 million during a breach.  Record High Costs for Data Breaches According to the 2022 IBM Cost of…