DSPM deep dive: debunking data security myths The Register

Partner Content There are plenty of technology acronyms in the alphabet soup of the cybersecurity industry, but DSPM is the latest one leading the charge; its recent buzz has brought scrutiny to various security concepts that have cluttered the meaning behind data security posture management.
DSPM provides visibility into where sensitive data is located, who has access to it, how it's being used, and how the security controls and permissions are configured on the data stores or applications hosting the data.
The firewalls, endpoints, and gateways are an obstacle for attackers to overcome and pass through, on the way to the real target - the data living in traditional data stores, and in SaaS applications.
To maintain a strong data security posture, you must protect the data where it lives.
Although DSPM is a new term, discovering and protecting sensitive data is not a new concept.
Many DSPM vendors can show you where you have sensitive data and whether it's at risk, but they can't fix that data exposure.
At Varonis, discovering where sensitive data lives, mapping out the access and permissions, auditing who's accessing the data, and then taking steps to remediate it and lock it down, has been a part of our mission from the very start.
Even if DSPM is a new term for old concepts, it helps frame the conversation and gets everyone working toward the same goal: securing valuable data.
When looking at the current DSPM market, much of the focus is on the data that is attached to infrastructure platforms such as Azure Blob, S3, data lakes, and databases - the core back end where people build different products and solutions.
DSPM is not just about the application that data comes into, it's also about your data's lifecycle.
Think critically of everywhere your data might live.
The data on-prem is still massive and the permissions can potentially be complex, even if we've been living with NTFS permissions for years.
It's crucial to understand where your data is stored, what type of data is being stored, and how your users are interacting with it.
Automated data discovery gives you additional context to make more informed decisions about what your security policy should look like and how you will execute it.
Proper security must be focused further down and taking the next step to secure your data beyond the surface level.
As your data grows, you'll want to ensure your workflows take the scalability of your data into account.
Varonis' customizable DSPM dashboard allows organizations to easily assess their data security posture with an intuitive and customizable interface.
Easily spot risks such as sensitive data exposure, misconfigurations, policy violations, suspicious data activity, stale and risky user identities, and more.
Our Data Security Platform not only gives you a high-level view of your risks, but our automation also fixes what it discovers.
During a recent webinar, Varonis' Mike Thompson and I outlined the exact data security strategy we've used with 7,000-plus CISOs and how our Data Security Platform is the top choice for organizations looking to prioritize deep data visibility, classification capabilities, and automated remediation for data success.


This Cyber News was published on go.theregister.com. Publication date: Tue, 05 Dec 2023 16:43:11 +0000


Cyber News related to DSPM deep dive: debunking data security myths The Register

DSPM deep dive: debunking data security myths The Register - Partner Content There are plenty of technology acronyms in the alphabet soup of the cybersecurity industry, but DSPM is the latest one leading the charge; its recent buzz has brought scrutiny to various security concepts that have cluttered the ...
11 months ago Go.theregister.com
How to perform a proof of concept for automated discovery using Amazon Macie | AWS Security Blog - After reviewing the managed data identifiers provided by Macie and creating the custom data identifiers needed for your POC, it’s time to stage data sets that will help demonstrate the capabilities of these identifiers and better understand how ...
2 months ago Aws.amazon.com
2024 brings changes in data security strategies - 2024 will be a revolutionary year for the data security landscape as Data Security Posture Management technology rapidly evolves to keep pace with the colossal amount of data being created, stored and shared within organizations and across business ...
11 months ago Helpnetsecurity.com
The Irrefutable Case for Customer-Native DSPM - The counterpoint to these awful statistics is the emergence of data security posture management, which involves the continuous assessment, monitoring, and enhancement of an organization's data security. While some DSPM providers advocate traditional ...
7 months ago Securityboulevard.com
How Can DSPM Prevent High-Profile Breaches? - In early October 2023, a DNA testing company for ancestry discovery purposes, 23andMe, disclosed that it suffered a data breach. On the 5th of December 2023, the company shared that the data breach was more damaging than was initially reported. On ...
11 months ago Gbhackers.com
Concentric AI expands Semantic Intelligence DSPM capabilities with audio and video data protection - Concentric AI unveiled that its Semantic Intelligence DSPM solution now offers sensitive data discovery, identification, risk monitoring, and remediation protection for audio and video files, furthering the data protection capabilities of its DSPM ...
11 months ago Helpnetsecurity.com
Debunking Myths About Linux Kernel Patching - As the kernel evolves to meet the demands of modern computing, patching becomes essential to keep it secure. There are some myths and misconceptions about Linux kernel patching that often discourage users from carrying out this crucial task. In this ...
11 months ago Securityboulevard.com
Debunking Popular Myths About Vulnerability Management - The irony is that the right vulnerability management solutions can actually take the weight off - your security team, your organization, and your other assets. Understanding how means debunking some of the more popular myths around this topic and ...
11 months ago Securityboulevard.com
CVE-2013-0135 - Multiple SQL injection vulnerabilities in PHP Address Book 8.2.5 allow remote attackers to execute arbitrary SQL commands via the id parameter to (1) addressbook/register/delete_user.php, (2) addressbook/register/edit_user.php, or (3) ...
7 years ago
Five business use cases for evaluating Azure Virtual WAN security solutions - To help organizations who are evaluating security solutions to protect their Virtual WAN deployments, this article considers five business use cases and explains how Check Point enhances and complements Azure security with its best-of-breed, ...
6 months ago Blog.checkpoint.com
Cybersecurity jobs available right now: October 2, 2024 - Help Net Security - As an Applied Cybersecurity Engineer (Center for Securing the Homeland), you will apply interdisciplinary competencies in secure systems architecture and design, security operations, threat actor behavior, risk assessment, and network security to ...
2 months ago Helpnetsecurity.com
CVE-2017-17713 - Trape before 2017-11-05 has SQL injection via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp ...
6 years ago
CVE-2017-17714 - Trape before 2017-11-05 has XSS via the /nr red parameter, the /nr vId parameter, the /register User-Agent HTTP header, the /register country parameter, the /register countryCode parameter, the /register cpu parameter, the /register isp parameter, ...
6 years ago
Aim for a modern data security approach - Risk, compliance, governance, and security professionals are finally realizing the importance of subjecting sensitive workloads to robust data governance and protection the moment the data begins traversing the data pipeline. Why current data ...
11 months ago Helpnetsecurity.com
6 Best Cloud Security Companies & Vendors in 2024 - Cloud security companies specialize in protecting cloud-based assets, data, and applications against cyberattacks. To help you choose, we've analyzed a range of cybersecurity companies offering cloud security products and threat protection services. ...
9 months ago Esecurityplanet.com
Microsoft Security Copilot improves speed and efficiency for security and IT teams - First announced in March 2023, Microsoft Security Copilot-Microsoft's first generative AI security product-has sparked major interest. With the rapid innovations of Security Copilot, we have taken this solution beyond security operations use cases ...
11 months ago Microsoft.com
Rubrik EPE secures enterprise data from cyberattacks - Artificial intelligence, digital transformation, and the Internet of Things have caused a data explosion, leading organizations to grapple with a surging amount of fragmented data where it lives. Rubrik released Rubrik Enterprise Proactive Edition, a ...
8 months ago Helpnetsecurity.com
CVE-2023-52780 - In the Linux kernel, the following vulnerability has been resolved: net: mvneta: fix calls to page_pool_get_stats Calling page_pool_get_stats in the mvneta driver without checks leads to kernel crashes. First the page pool is only available if the bm ...
6 months ago Tenable.com
CVE-2024-47716 - In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernels built with clang/LLD 17.0.6: BUG: unsupported FP ...
1 month ago Tenable.com
How Data Fabric Architecture Helps Enhance Security Governance - Essentially, data fabric is an approach to managing and integrating data, aimed at enabling access to information across the enterprise in a versatile, iterable, and augmented way. The data fabric concept can translate into an architecture that ...
6 months ago Cybersecurity-insiders.com
Embracing Security as Code - Everything is smooth until it isn't because we traditionally tend to handle the security stuff at the end of the development lifecycle, which adds cost and time to fix those discovered security issues and causes delays. Over the years, software ...
11 months ago Feeds.dzone.com
New Microsoft Purview features use AI to help secure and govern all your data - More than 90% of organizations use multiple cloud infrastructures, platforms, and services to run their business, adding complexity to securing all data.1Microsoft Purview can help you secure and govern your entire data estate in this complex and ...
11 months ago Microsoft.com
10 Best Security Service Edge Solutions - Security Service Edge is an idea in cybersecurity that shows how network security has changed over time. With a focus on customized solutions, Security Service Edge Solutions leverages its expertise in multiple programming languages, frameworks, and ...
9 months ago Cybersecuritynews.com
Deepfake attacks will cost $40 billion by 2027 - Now one of the fastest-growing forms of adversarial AI, deepfake-related losses are expected to soar from $12.3 billion in 2023 to $40 billion by 2027, growing at an astounding 32% compound annual growth rate. Deloitte sees deep fakes proliferating ...
5 months ago Venturebeat.com
Building a Sustainable Data Ecosystem - Finally, I outline future research and policy refinement directions, advocating for a collaborative and responsible approach to building a sustainable data ecosystem in generative AI. In recent years, generative AI has emerged as a transformative ...
8 months ago Feeds.dzone.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)