1. Turn data from risk liability into an asset

    Big data has proven to be a big asset for corporations who are trying to collect information and make informed business decisions, but if the proper strategies for protecting that data are not in place, the risks to the enterprise can be costly. Earlier this year Cisco reported that worldwide mobile traffic is expected to grow eightfold from 2015 to 2020 reaching 30.6 exabytes, monthly.

    Read Full Article

    1. When best practices around data protection and compliance are not strictly enforced, the risks of this data becoming a liability extends across all levels of the company, both financially and operationally.
    2. Enterprises need to think about how to position data as a corporate asset in order to mitigate liability risks and, at the same time, leverage their data's value.
    3. If you don't have someone who uses that data to create value, it becomes a liability.
    4. If you go across data sets and find that the why is not there, but someone insists on holding onto the data because they might be able to use it later, get rid of it!
    5. Having a purpose is required. If it's collected for human resources, I shouldn't be using it for other purposes. That's a legal requirement and it's a moral and ethical requirement.
    6. There are tools that track the integrity and quality and provenance of the data—particularly for privacy standards.
    7. Underpinning a data governance framework from an operational standpoint, they need the ability to know and log any exceptions around the data being handled.
    8. For the compliance side of the house, they focus on data and how it's used. Security is focused on threats. Those two need to be communicating. Folks responding to threats need to understand the value of data to prioritize their security around protecting that data.
    9. They can set controls in terms of who has access to that data with whom that data is communicated, and in what format.
    10. The reason most sophisticated hackers are so effective is because they know the environment they are attacking better than the defenders.
    11. Protect data centers at the perimeter, but know that the benefit of that edge is one dimensional. When you get into the interior, there are many dimensions. If you don't know where your valuable information is, you can't protect it.
    12. The steps to take are not rocket science. Patch vulnerabilities, segmentation tools, shut down paths. Just about every major breach has involved lateral movement through servers to find a high value target. If we could make lateral movement harder, it would make every breach harder.
  2. Authors