The role of a data security analyst isn’t an easy one. It has always been hard to address data security because of the volume, speed and variety of data in the IT landscape. However, over the last few years, the job of a data security analyst, focused on protecting sensitive or regulated data, has become harder than ever. Why?

Changes in the world of data security analysts

Every business has become a technology company. With more tech comes more data and more risks. You should follow a compliance framework, depending on the industry. However, simply ‘checking off a box’ does not guarantee you are secure.

Businesses that focus on going digital and monetizing data have created a whole new level of data chaos and sprawl. More and more people grab and copy data to use in new apps, fuel new business processes and spin up more DevOps environments.

Data chaos — and loss of visibility and control of that data — occurs as data moves from on-premises environments to the hybrid cloud. From there, it sprawls across multiple cloud service providers. The shift to the cloud has created more data issues, too.

Cloud migration

With cloud migration comes prized cloud data. It’s a resource that, according to Forrester’s Jennifer Belissent, is a moderate priority for 61% of organizations and a critical or high priority for 25%. The average cost of a data breach increased 2.6% from $4.24 million in 2021 to $4.35 million in 2022. Does your data security team know where your data is or what it is? If not, you can’t protect it or meet compliance rules.

New compliance and data privacy regulations have created stress and strained IT resources. They require businesses to create and keep audit reports, and most data security analysts don’t know how to do so.

Plus, with the sprawl of data, some organizations fall into the old trap of siloed data security. They may try to use native data security tools that come with different cloud service providers to protect cloud data, with another solution bolted on to protect on-premises data. This fragmented approach to data security is not easy to manage. It creates gaps in insight that attackers can exploit to cause a breach.

All these factors work together to create today’s complex work environment for the data security analyst. Chief data officers (CDOs) and chief information security officers (CISOs) should partner to develop data strategies that bolster innovation while cutting down on risk. By lending their expertise, CISOs can help CDOs strengthen security controls for sensitive data. At the same time, they can increase access to other important types of data.

New data security requirements

With the new data security challenges to overcome, these six tips help ensure your data security strategy can keep up with today’s complex data landscape and security requirements:

  1. Create and manage compliance and data security policies from one central place. Do this with a holistic view. They also need to enforce those policies equally across on-premises and cloud data sources.
  2. Use real-time activity monitoring for both on-premises and cloud data sources. Protect mission-critical data in real-time, no matter where it is located.
  3. Employ an orchestrated response, deploy open integration, reduce complexity and develop skills. The more complex and difficult the data landscape becomes, the greater the need to have a data security solution that can adapt. It needs to automate tasks such as enforcing policies, connecting responses with the security operations center and opening an incident response ticket. The harder it is to do these things — and the more time and effort data security analysts have to take to do manual and custom work — the less time they have to spend on securing and protecting the data and the business.
  4. Develop flexible support in a changing data landscape. Users can become frustrated when security solutions only support a finite set of capabilities and data sources. They cannot adapt to business needs as sensitive and regulated data flows throughout the environment. Having a solution that can adapt is key.
  5. Support agentless monitoring for audit requirements. As data sources expand, it becomes harder and more expensive to deploy real-time agent-based monitoring for every data source across the data landscape. Reserve agent-based monitoring for sensitive or regulated data in mission-critical data sources that need real-time protection. What about data sources that simply need to be monitored and reported on for audit purposes? In that case, it is acceptable and less expensive to use an agentless approach.
  6. Use automated discovery and classification for all data (unstructured and structured). Organizations should discover and classify their sensitive and regulated data. That way, they can triage their data security program and take a strategic approach. It is also important to know where structured and unstructured data is located. Repeat the discovery process over time, because data is constantly moving. You need to be able to find and protect it wherever it goes.

While the basics of data security remain the same, your data security analyst needs more support today from your solutions than they needed in the past.

Today’s support solutions

With the evolution of Guardium, IBM Security is prepared to support the evolving role of the data security analyst, address these challenges and work with you to future-proof your organization. IBM Security Guardium is a modern, scalable data security platform. It protects sensitive and regulated data across multiple cloud environments while managing compliance obligations, discovering where sensitive data lives, encrypting and monitoring what’s important and reducing risks while responding to threats.

If you’d like to learn more about our recent releases, Guardium Insights 3.2 and Guardium Data Protection 11.5, join us for the upcoming webinar on Thursday, Oct. 6, 2022, at 1:00 p.m. EDT. Find more about Guardium here.

More from Zero Trust

Does your security program suffer from piecemeal detection and response?

4 min read - Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include: Multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud) Spending too much time or energy on integrating detection systems An underperforming security orchestration, automation and response (SOAR) system Only capable of taking automated responses on the endpoint Anomaly detection in silos (e.g., network separate from identity) If any of these symptoms resonate with your organization, it's…

Zero trust data security: It’s time to make the shift

4 min read - How do you secure something that no longer exists? With the rapid expansion of hybrid-remote work, IoT, APIs and applications, any notion of a network perimeter has effectively been eliminated. Plus, any risk inherent to your tech stack components becomes your risk whether you like it or not. Organizations of all sizes are increasingly vulnerable to breaches as their attack surfaces continue to grow and become more difficult — if not impossible — to define. Add geopolitical and economic instability…

How zero trust changed the course of cybersecurity

4 min read - For decades, the IT industry relied on perimeter security to safeguard critical digital assets. Firewalls and other network-based tools monitored and validated network access. However, the shift towards digital transformation and hybrid cloud infrastructure has made these traditional security methods inadequate. Clearly, the perimeter no longer exists. Then the pandemic turned the gradual digital transition into a sudden scramble. This left many companies struggling to secure vast networks of remote employees accessing systems. Also, we’ve seen an explosion of apps,…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today