Insights: You can’t have ‘data’ privacy without security

This Data Privacy Day, every organisation must take action to protect the data it relies upon to function and that it’s trusted to protect, wherever it resides

by Maher Jadallah
January 28, 2025

This Data Privacy Day brings with it the sense of being at a crucial crossroads, particularly since generative artificial intelligence (GenAI) invaded our daily lives. At the heart of data privacy is security. They are intertwined: you can’t have privacy without safeguarding it.

Data is the lifeblood that decisions are made on. It fuels innovation in the cloud, but the volume and complexity in hybrid and multi-cloud environments make it difficult to secure. Siloed data security solutions produce many critical alerts, but how do security teams know if those risks should take priority over other exposures like an over-privileged virtual machine or a workload with a severe CVE? If everything is “critical”, nothing is, and security teams are left guessing where they should direct their remediation efforts.

Protecting data in public cloud environments starts with answering three seemingly simple security questions:

What type of data do I have in the cloud? How is it classified? Is it sensitive?
Where is my sensitive data in the cloud? Who has access?
What are the risks to my cloud data?

AI muddying the waters

With data at the heart of everything, it would be remiss not to mention the potential disruption. AI is driving an ever-increasing volume and variety of data stored in the cloud, adding another layer of risk. As AI applications become more sophisticated, they require more data to learn and function effectively. For organisations, controlling AI deployment usage while also identifying vulnerabilities within AI tools and AI development packages is yet another headache for the security team to worry about.

Together, this creates a virtuous cycle: the more data stored and used, the greater the range of AI use cases, which attracts even more users. But with each new user, data type and storage solution, the cloud attack surface expands.

In addition, threat actors are starting to harness AI to write malware for ransomware attacks. Discovered by Check Point, FunkSec is one such group that is believed to use AI-assisted malware development. The danger is that this could see inexperienced actors able to spin up and refine tools quickly to launch attacks.

With ransomware, we’ve seen malicious actors get increasingly aggressive with their threats. Ten years ago, a ransomware attack was really obvious. Today these attacks are less obvious and can go undetected for a few weeks as threat actors look to obfuscate their presence as they creep around and steal data. Once they’ve extracted the information, it’s out of your control. With some governments looking to ban ransomware payments, it could mean that threat actors lay incendiaries, threatening to destroy the data, which could leave an organisation unable to function.

Data risks: When things go wrong

While there are many cloud exposures to manage, data risks aren’t something to ignore. Whether it’s a breach of customer information, financial records, or intellectual property, unauthorised access to data can have severe regulatory and reputational consequences. It can lead to mistrust and brand damage externally, while internally there is increased scrutiny from the board, who are questioning the organisation’s security posture. If there’s not, there should be!

The cloud’s unique challenges and opportunities for data and AI make it crucial for organisations to address the full spectrum of security responsibilities that accompany collecting, storing and using data. These responsibilities include automatically and continuously scanning data assets, discovering and monitoring sensitive data and alerting on any potential risk.

Data security posture management (DSPM) is a set of ongoing processes and technologies that provides visibility into where sensitive data is stored, who has access to it, and how it’s being used across an organisation’s systems. It provides analysis of the overall security posture around the data itself, rather than just the infrastructure hosting it.

Cloud native application protection platform (CNAPP) solutions replace a patchwork of siloed products that often cause more problems than they solve, such as multiple false positives and excessive alerts. Those individual products usually provide only partial coverage and often create overhead and friction with the products they’re supposed to work with. Most importantly, CNAPPs allow businesses to monitor the health of cloud native applications as a whole rather than individually monitoring cloud infrastructure and application security.

When DSPM is integrated into CNAPP, it empowers the security team to obtain actionable data context that better prioritises risks and reduces the organisation’s exposure to customer data breaches and the compromise of AI resources and intellectual property.

This Data Privacy Day, every organisation must take action to protect the data it relies upon to function and that it’s trusted to protect, wherever it resides. Security teams need a comprehensive view of their cloud data and the risks associated with it, allowing them to know where they’re exposed and take action to close those critical risks.

The writer is the VP, Middle East & North Africa at Tenable.