Virtualization Technology News and Information
Dig Security 2023 Predictions: Business Leaders Must Prioritize Cloud Data Security


Industry executives and experts share their predictions for 2023.  Read them in this 15th annual series exclusive.

Business Leaders Must Prioritize Cloud Data Security

By Dan Benjamin, Co-Founder and CEO, Dig Security

Cloud computing enables unprecedented - and unparalleled - flexibility, performance, and velocity. As organizations continue shifting applications, infrastructure, data and workloads to the cloud, the risk for cloud data breaches increases. Cloud threats will continue to grow and proliferate in 2023, but organizations can meet the challenges head-on with the right security fundamentals in place.

Prioritizing Data Security

Cybersecurity is a critical business priority. In fact, most corporate boards now regard cybersecurity as a business risk rather than solely a technical IT problem, according to a Gartner survey. The risks of cyberattacks span virtually all functions and business stakeholders - business units, companies, partners and customers. Given the stakes, CEOs and other senior leaders must take an active role in a company's cybersecurity strategy. This starts with taking inventory of key assets, such as data, accounting for the entities that interact with them, such as devices and users (both internal and external, like buyers), and building a stack that integrates the proper tooling to protect those assets.

In 2023, noting the continued impact of breaches, CISOs must prioritize the adoption of security solutions that provide visibility into the data assets their organization holds, where it lives, and the risks that surround data. Data, particularly in cloud-centric businesses, is the lifeblood of modern enterprises. Visibility is critical for security leaders as they build programs to meet compliance standards in increasingly regulated markets and secure data to protect their business from the risks associated with a challenging threat landscape.

Cloud-forward businesses hold so much data that it's easy to lose track of. Statista estimates that 60% of enterprise data today is stored in the cloud, yet legacy data protection solutions are ineffective in modern cloud environments. At the same time, there is increasing regulatory pressure to secure customer data with new and stricter data security standards set by the Consumer Financial Protection Bureau (CFPB) and in the FTC Safeguards Rule. Data is a business's crown jewels, often containing trade secrets, personally identifiable information (PII), financials, and more. Organizations must protect data, or they risk serious disruption in the form of ransomware demands, fines, or bankruptcy.

The transition from on-prem computing to cloud makes it more difficult for organizations to ensure their data is secure. As a result, businesses must change the way they think about data security. It must be a top priority, and the constantly changing nature of the cloud landscape requires agile data security solutions that are equally dynamic. Traditional tooling lacks the necessary speed and adaptability for today's environments.

Data Detection and Response

CISOs are confronted with the challenge of navigating the alphabet soup of solutions that claim to solve the cloud data security problem. For the last several years, Cloud Security Posture Management (CSPM) solutions were the prevailing technology used to protect cloud assets. However, CSPM focuses only on protecting infrastructure, not data, resulting in ongoing exposure and breaches of sensitive data. 

As a result, Gartner introduced the idea of Data Security Posture Management (DSPM) - tooling that creates a consistent security posture for data as it flows between on-prem systems and cloud deployments. DSPM offers data discovery and classification capabilities and the ability to identify static data risks based on the context of the data - who can access it, where it is located, where it is going, whether it is encrypted, and more. 

But DSPM alone is not enough, as it lacks real-time monitoring, detection, and response. Today, a motivated attacker can breach data in the cloud in less than three minutes. In response, Security teams need an equally dynamic solution to keep pace with threats in real time and a single point of visibility into the entire cloud and data store.

Another subset of solutions has emerged as a result - Data Detection and Response (DDR). DDR monitors and processes all cloud events to detect and respond to data threats in real time to set critical security workflows in motion. DDR monitors all types of data-interactions that could potentially lead to a breach, making it a key component of a successful cloud security stack by reducing mean time to detection (MTTD) and mean time to response (MTTR). DDR, alongside DSPM, is a key component of a successful cloud security stack. In 2023, the hope is that DDR will become increasingly standardized among cloud users for data security.

Dig Security is the only vendor to combine critical capabilities for data security posture management (DSPM), cloud data loss prevention (DLP), and data detection and response (DDR) in a single platform. To enable companies to harden cloud data, Dig Security created the industry's first and only Data Detection and Response (DDR) solution offering real-time data protection across any cloud and data store. The Dig Data Security Platform provides its users - leaders in financial services, business software, and innovative SaaS-based technology companies - with complete visibility and control into their multi-cloud data estate. Dig automatically finds any data asset - whether it is platform as a service [PaaS], database as a service [DBaaS] or infrastructure as a service [IaaS] - brings context to how it's used and what it contains, and provides real-time protection in response. 




Dan Benjamin is the Co-Founder and CEO of Dig Security, a leading cloud data security company that helps organizations discover, monitor, protect, and govern their cloud data stores through a unified policy engine. Dig's mission is to provide the data security stack for modern enterprises, protecting data wherever it lives inside an organization.

Dan is an entrepreneur with over a decade of industry experience founding and leading startup companies, and has held leadership roles at Fortune 100 companies, including cloud and security leadership roles at Microsoft and Google. During this time, he noticed a gap in public cloud data security solutions, leading him to co-found Dig Security, a company dedicated to helping customers instantly identify cloud security issues to prevent breaches and attacks through real-time data detection and response. Dan is also a former member IDF (8200), an Israeli Intelligence Corps unit of the Israel Defense Forces.

Published Monday, January 16, 2023 7:37 AM by David Marshall
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<January 2023>