Your data is a risk! Today’s organizations deal with a lot of data and are subject to Data Protection regulations across the globe. Any risk to an organization’s data adversely affects its business, market value, public image, and market shares. Any risk management strategy must take data protection under its purview.
We are starting with a blog series where we will discuss the data protection aspects of Risk Management, and how an efficient Data Loss Prevention (DLP) strategy can help you manage and reduce risks.
Let us first begin with understanding what Risk is and the context we are considering the risk in. Risk to an organization is any probable threat that can negatively affect the functioning of the organization. It can be broadly classified as follows:
External Risk
Internal Risk
Physical Risk
Cyber Risk
Note that these classifications are interdependent and not mutually exclusive.
In this blog series, we will be focusing on Cyber Risk.
Cyber Risk or Information Security Risk is defined as any probable threat to the Confidentiality, Integrity, and Accessibility (CIA) triad of an organization’s assets – including but not limited to data, information systems, and processes.
In today’s world, where data is the most valued asset (and weapon), it is crucial to adopt a Risk Management strategy curated for your organization.
Risk management is a process of identifying vectors that could corrupt or damage an organization’s assets, evaluating those vectors by considering asset value and countermeasure cost, and implementing cost-effective solutions for mitigating or reducing risk. The goal of Risk Management is not to eliminate the risk, but to reduce it to an acceptable level.
While Risk Management strategy must be curated for every organization, a few steps are very important and common to all organizations. These steps are:
Asset Discovery and Management.
Asset Valuation
Data Loss Prevention
Vulnerability Management Solutions
Asset Discovery and Management.
We are moving towards distributed, hybrid architectures involving cloud, SaaS, data centers, and peer-to-peer networks. In such environments, Asset management across all the teams and cloud accounts of the organization is nearly impossible. TalaSecure’s Ransomware Defender can help you discover cloud assets across all your cloud accounts and not only provide you with a detailed view of each asset but will also show how each of these assets is linked.
Asset Valuation
Once you have a glimpse of your organization’s landscape, you need to formulate a way to decide the value of the assets. Asset value determines the criticality of an asset. The higher the asset value, the more critical is the asset. It helps us determine:
The priority of remediation/protection is to provide the asset
The acceptable risk for the asset, which helps us determine the risk score
Traditional methods for determining Asset value include Qualitative (high, medium, low) or Quantitative (a $$ value) methodology. While both methods are valid, a factor that must be considered is the data flowing through or controlled by the asset. Determining the data flow through the organization systems can help determine asset value accurately.
Today, if we generalize an IT landscape of an organization, we have:
Developer endpoints – laptops, VMs, remote workstations where code is developed
Code repositories
CI/CD pipelines
Deployed environments (cloud, datacenters, hybrid, peer-to-peer networks)
Web applications
Data stores (databases, cloud storage, data lakes)
SaaS Products (Salesforce, JIRA, Sumologic, Gmail)
Data Loss Prevention
With data flowing through these assets, we need protective measures at key places to ensure data is not exposed, leaked, or corrupted.
Here, an appropriate DLP (Data Loss Prevention) solution will help reduce the risk. Many modern DLPs offer varying levels of coverage in today’s hybrid environments in the form of solution components including, but not limited to endpoint agents, Cloud Access Security Brokers (CASB), network, email, and web protection components. Innovation in the ML-based data fingerprinting approach to detect the data flowing through an asset will give you a clear view of the data's criticality and help you accurately determine the Asset value.
Vulnerability Management Solutions
This information must be supplemented with data from Vulnerability Management solutions – which will provide you with the risks associated with an asset. The probability of a vulnerability being exploited (known as the Exposure Factor) for the given asset will help you calculate the risk score for an asset and determine the countermeasure for the same.
TalaSecure team can build custom connectors, ingest information produced by DLP and VM solutions, and help you determine the risk score for all your cloud assets. Our team of experts can help you build a custom Risk Management Strategy for your organization and help you set up automated governance mechanisms to ensure your risk doesn’t realize. Contact us for more information.
This blog discussed how Risk Management Strategy is linked with Data Loss Prevention Strategy. We determined how asset value can be enhanced based on the data flowing through it and how DLP can help you reduce the risks. In the next blog, we will discuss different types of DLP, use cases for the DLP, and how we can incorporate them into our Risk Management Strategy.
Authors
Rajesh Kanungo: linkedin.com/in/rajeshkanungo
Saurabh Malpure: linkedin.com/in/saurabhmalpure