Your adversaries want two things—Data and Control. It’s time to prepare for cyber resilience and demand data-centric security.
Many federal enterprises manage large, complex, expensive and often outdated legacy IT systems. Modernizing and securing federal IT resources can seem daunting and overwhelming, but it’s worth remembering that agencies built these IT infrastructures one application, one data source at a time. And this approach is exactly how they will reach their destination of modern, secure applications.
The journey to data-centric security
What are the best ways to apply data-centric security practices to harden data, minimize threats and shift power away from adversaries? Start with what’s good—then keep working your way to what’s even better.
Know your data assets
Formally review your data and systems to prioritize their importance.
Audit all data activity
Find patterns of user and system behaviors to enable proactive security, detect and stop malware, and apply user and entity behavior analytics (UEBA).
Ensure you have complete control of your data, both at rest and in transit.
Tag and mark data
Establish a framework for automated access control decision services, and keep it as simple as possible.
Implement across-the-board identity and access management (IDAM)
Minimize the impact of any change to data, security or applications and ensure data is securely available to the business systems that need it.
Provide a mechanism for users to discover data they may not have explicit permission to see.
Assure data integrity
Use blockchain to ensure data integrity and detect unauthorized alteration of data.
Substitute alternative values for sensitive data in both structured and unstructured formats.
Use multiple databases
Ensure no single vulnerability can be exploited to give attackers unfettered access to your data.
Secure data so that individuals only see data that’s necessary to perform their jobs.
Throttle individuals’ access to data to help prevent wholesale data theft.