Cloudtweaks Logo
Evelyn Min
May 25, 2016

Why Security Practitioners Need To Apply The 80-20 Rules To Data Security

By Evelyn de Souza

The 80-20 Rule For Security Practitioners 

Everyday we learn about yet another egregious data security breach, exposure of customer data or misuse of data. It begs the question why in this 21st century, as a security industry we cannot seem to secure our most valuable data assets when technology has surpassed our expectations in other regards. It’s getting worse: McKinsey in conjunction with the World Economic Forum have estimated that failing cyber security approaches could have an aggregate impact on technology and business innovation of $3 trillion by 2020.

It’s a common underlying misconception that IT staff knows how to secure today’s mission-critical data assets. Firstly, IT practitioners chartered with securing our most data assets may or may not be trained security practitioners and secondly they are relying on the same solutions that have failed in the past, and which continue to fail. And, given ever-increasing data sets, a changing IT environment and a changing threat landscape, it’s hardly safe to assume that IT has an organization’s most valuable data assets secured.

So what needs to happen?

  • Organizations need to hone in on securing what really matters – it’s most often just a small subset of all the data most organizations process or handle that needs the most rigorous protection. Rather then trying to boil the ocean and secure everything, organizations need to apply the 80-20 approach and focus on that 20 percent of data that is most critical.
  • Data security tools need to be automated. Today’s outdated fragmented toolsets require a considerable ongoing investment in day-to-day management to even come close at being effective. We should be able to harness big data analytics and today’s advanced algorithmic technologies towards pinpointing and then securing an organization’s most valuable assets.
  • Encryption is not a panacea for everything. Encryption strength varies and key management is also an important part of encryption. And as we enter the world of IoT, we need to rethink how we secure and manage data through the lifecycle of machines and the data that those machines generate and exchange.
  • Finally, business leaders have to find ways to work with IT for a much more strategic approach to securing and managing the data assets which comprise the lifeline of their business. This means talking about IT security in business terms versus focusing on IT terms which may not capture the real value of the data that needs securing.

By Evelyn de Souza

Evelyn de Souza
Evelyn de Souza focuses on developing industry blueprints that accelerate secure cloud adoption for business as well as everyday living. She currently serves as the Chair of the newly formed Cloud Security Alliance (CSA) data governance and privacy working group. Evelyn was named to CloudNOW's Top 10 Women in Cloud Computing for 2014 and SVBJ’s 100 Women of Influence for 2015. Evelyn is the co-creator of Cloud Data Protection Cert, the industry's first blueprint for making data protection "business-consumable” and is currently working on a data protection heatmap that attempts to streamline the data privacy landscape.
Srini Kalapala

Driving Growth: Srini Kalapala Discusses Verizon’s Network APIs

Welcome to our interview with Srini Kalapala, Senior VP of Technology and Product Development at [...]
Read more
Sushil Kumar

Generative AI and Cloud Computing: The Greatest Infusion

Generative AI The fusion of cloud computing, app modernization, and artificial intelligence (AI) drives digital [...]
Read more
Steve Prentice

Episode 19: Why AWS Needs to Become Opinionated about FinOps

On today’s episode of the CloudTweaks podcast, Steve Prentice chats with Rahul Subramaniam, CEO at CloudFix [...]
Read more
Chris Bray

Quantum Leap: How Post-Quantum Cryptography Will Dominate 2024 Boardroom

2024 Cybersecurity Predictions As we step into 2024, the technological landscape is poised for transformative [...]
Read more
Rahul Subramanyam

Episode 18: Fixing AWS: The CloudFix Story 

Fixing AWS: The CloudFix Story A conversation with Rahul Subramanyam. CEO at CloudFix, and CTO [...]
Read more
Andy Hilliard

Accelerance CEO Unveils the Future: AI’s Role in Software Development

In this edition of CloudTweaks, we feature an insightful discussion with Andy Hilliard, CEO of [...]
Read more

SPONSOR PARTNER

Explore top-tier education with exclusive savings on online courses from MIT, Oxford, and Harvard through our e-learning sponsor. Elevate your career with world-class knowledge. Start now!
TOPICS
AI BIG DATA CLOUD DEVOPS INFOSEC
SERVICES
SPONSORED POSTS BRANDED COMICS THOUGHT LEADERSHIP WEBINARS
Company
ABOUT BLOG MEDIA KIT CONTACT
© 2024 CloudTweaks. All rights reserved.