Your adversaries want two things—Data and Control. It’s time to prepare for cyber resilience and demand data-centric security.

Many federal enterprises manage large, complex, expensive and often outdated legacy IT systems. Modernizing and securing federal IT resources can seem daunting and overwhelming, but it’s worth remembering that agencies built these IT infrastructures one application, one data source at a time. And this approach is exactly how they will reach their destination of modern, secure applications.

"As you make progress over time, you will reach the critical point where you’re no longer securing data—the data is practically securing itself."

– GUS HUNT, Managing Director Cyber Strategy Lead

The journey to data-centric security

What are the best ways to apply data-centric security practices to harden data, minimize threats and shift power away from adversaries? Start with what’s good—then keep working your way to what’s even better.

Image

The good

Know your data assets

Formally review your data and systems to prioritize their importance.

Audit all data activity

Find patterns of user and system behaviors to enable proactive security, detect and stop malware, and apply user and entity behavior analytics (UEBA).

Implement encryption

Ensure you have complete control of your data, both at rest and in transit.

Tag and mark data

Establish a framework for automated access control decision services–and keep it as simple as possible.

Image

The better

Implement across-the-board identity and access management (IDAM)

Minimize the impact of any change to data, security or applications and ensure data is securely available to the business systems that need it.

Enable discovery

Provide a mechanism for users to discover data they may not have explicit permission to see.

Assure data integrity

Use blockchain to ensure data integrity and detect unauthorized alteration of data.

Image

The best

Adopt tokenization

Substitute alternative values for sensitive data in both structured and unstructured formats.

Use multiple databases

Ensure no single vulnerability can be exploited to give attackers unfettered access to your data.

Micro-segment

Secure data so that individuals only see data that’s necessary to perform their jobs.

Throttle access

Throttle individuals’ access to data to help prevent wholesale data theft.

Gus Hunt

Managing Director & Cyber Lead

MORE ON THIS TOPIC


Subscription Center
Stay in the Know with Our Newsletter Stay in the Know with Our Newsletter