Top Takeaways from the Gartner® Innovation Insight: Data Security Posture Management
Published 07/19/2023
Originally published by Laminar.
Written by Andy Smith, Chief Marketing Officer, Laminar.
According to our recent State of Cloud Data Security Report 2023, 77% of organizations experienced a cloud data breach in 2022. That’s particularly concerning considering that 60% of worldwide corporate data was stored in the cloud during that same period. So while the cloud has become an integral part of doing business, data security in the cloud is lagging behind.
Gartner has recently published a new piece emphasizing the importance of data security posture management (DSPM) in addressing the challenges of rapid data proliferation in the cloud, Gartner Innovation Insight: Data Security Posture Management. In it they provide recommendations for getting started with DSPM and important considerations for DSPM solutions. They define DSPM technologies this way:
“DSPM technologies can discover unknown data and categorize structured and unstructured data across cloud service platforms. Security and risk management leaders can also use them to identify security and privacy risks as data spreads through pipelines and across geographic boundaries.”
Below we’ve gathered key takeaways from the Innovation Insight report, highlighting data security trends for organizations looking for solutions that will support a more proactive and comprehensive approach to keeping their most sensitive data secure in the cloud.
Six Important Takeaways Around DSPM
#1: Organizations are Rapidly Adopting DSPM Solutions to Combat Shadow Data
“By 2026, more than 20% of organizations will deploy DSPM technology, due to the urgent requirements to identify and locate previously unknown data repositories and to mitigate associated security and privacy risks.”
We refer to those “unknown data repositories” as shadow data. They’re a byproduct of data democratization, a process through which business data has been made accessible to and by many teams across the organization for innovation and optimization.
This accessibility of data is vital to business growth, but has also resulted in a significant increase in risk. Data can be copied, modified, moved, and backed up with just a few clicks. Without specialized tooling, data security professionals are hard-pressed to secure it all.
Awareness of shadow data and the importance of DSPM to discover and combat the risk of this previously unknown data is growing at an almost unprecedented rate. In the Gartner Hype Cycle for Data Security, 2022, Gartner stated that DSPM had a market penetration of less than one percent, but in the more recent Innovation Insight, they’re projecting that will increase to 20% over the next few years.
Innovative security leaders are recognizing the competitive advantage they can achieve by implementing a DSPM solution that enables innovation and reduces risk.
#2: Legacy Data Security Technology Cannot Meet Cloud Needs
“Traditional data security products have an insufficient view to discover previously unknown, undiscovered or unidentified data repositories, and they fail to consistently discover sensitive data (structured or unstructured) within repositories.”
The sprawling nature of cloud technologies—across multiple providers with multiple tools and an almost infinite array of possible configurations—is one of the most challenging aspects of today’s data security. Add to that the constant rate at which data is moved, copied, and shared by data users across this technology landscape, and it rapidly becomes clear why traditional data security solutions built for infinitely slower, on-premises environments simply cannot keep pace.
Neither legacy security solutions, such as Data Loss Prevention (DLP), nor CSP-native tools, are sufficient for protecting sensitive multi-cloud data. They require constant re-configuration to keep pace with dynamic cloud use and can only detect data in known repositories — leaving shadow data unprotected. Many of them also remove data from your environment, creating additional exposure.
Companies need a solution like DSPM created specifically for the challenges of cloud data that autonomously and continuously discovers all data, known and shadow, structured, unstructured, or semi-structured. We also strongly recommends a solution that uses serverless functions that leverage APIs to scan your cloud, so data never leaves your environment.
#3: DSPM Solutions Provide Multi Cloud Data Security
“A DSPM product provides a single management console that forms the basis for a broad data risk assessment across cloud repositories.”
This central console is one of the greatest benefits of a DSPM solution. It provides a single, and ideally, cohesive, view of your multi-cloud environment, including Amazon Web Services, Microsoft Azure, Google Cloud, Snowflake, and so on. It autonomously discovers and classifies data — known and unknown — across providers and their myriad data stores and applications, then continuously scans for changes. It also maps data access, detailing precisely who can access and use the data asset, which is a key component in determining security posture.
So, while the creation of shadow data is inevitable, this level of data visibility enables security professionals to prioritize risks across providers and then quickly mitigate those risks. It also allows them to build out a set of automated rules for the governance of their security data, refining and customizing how a DSPM determines security posture.
#4: Everything Starts (or Fails) With Discovery
“Compare DSPM products to establish their ability to map the various datasets found across your architecture.”
More and more security professionals are recognizing the risk of shadow data. In fact, 93% of security professionals surveyed in 2023 are concerned about it. The first step in combating shadow data is discovering it. Organizations evaluating a DSPM have already taken an important step in securing shadow data, but given the vast technological web of cloud ecosystems, it’s crucial to ensure that any DSPM solution has both depth as well as breadth in their data discovery and classification capabilities to ensure full protection.
When evaluating DSPM solutions, look for one that not only extends to all major cloud service providers, but also reads from various databases, data pipelines, object storage, disk storage, managed file storage, data warehouses, lakes, and analytics pipelines, both managed and self-hosted. Also ensure the DSPM tool has support for different variations of technologies in each subset of data assets, including different types of self-hosted databases with unique configurations, and supports different kinds and formats of files including JSON, Office, Avro, Parquet, and others.
#5: Data Security Policies and Process are Key to Using a DSPM
“Security and risk management leaders have several important steps to take when reviewing the capabilities of, and deploying, DSPM technologies (see Figure 1). Start by using DSG to establish the data security policies and posture, and then take the final three steps to assess the DSPM deployment.”
Data security does not exist in a vacuum. It is surrounded by stakeholders who require something of the data. That the data meet the data residency requirements. That the data be clean and accessible. That the data satisfy a myriad of other privacy and governance needs. Which is to say nothing of data security’s mandate: that the data be secure.
That’s why it’s important to start with gathering data governance and data privacy requirements from peer teams in the organization to then implement data security policies that meet everyone’s needs. These policies function as a rule set that your data assets will later be measured against to determine security posture, level of risk, and remediation suggestions.
These data security policies will also specify what controls and protection mechanisms should be implemented for different types of sensitive data. For example, the most sensitive data, such as credit card numbers and corresponding PINs, should have the most stringent security.
After these policies have been defined, your DSPM solution will automatically scan and categorize the data in your cloud infrastructure, identifying any assets that are in violation and recommending steps for remediating them.
#6: Technology Integrations Determine Usability
“Assess, for each DSPM product under consideration, whether it already has integrations with data security controls, how associated metadata can be used by third-party products, or whether the vendor has a roadmap to achieve these goals.”
Organizations have an array of technologies across their security and IT teams. And they need a DSPM solution that integrates with the tools they’re already using, such as SOAR, ITSM, and SIEM, to streamline their security workflows. Security leaders should choose a DSPM solution that has powerful capabilities around:
- Discovery of existing data risk
- Policies for risk prevention
- Features for operationalization
DSPM is the Future
The message is clear: the risk of doing nothing is simply too high. A cloud data breach of your most sensitive data would be a costly blow, both in terms of monetary losses and damage to your brand. Data security in the cloud must be more agile, requiring both continuous and automated scanning, as well as a dashboard that provides complete visibility. These can only be effectively achieved with a modern DSPM solution.
Download your complimentary copy of the Gartner Innovation Insight: Data Security Posture Management today to see the full report from Gartner.
Gartner, Innovation Insight: Data Security Posture Management, Brian Lowans, Joerg Fritsch, Andrew Bales, 28 March 2023.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Disclaimers:
GARTNER does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Related Articles:
AI-Enhanced Penetration Testing: Redefining Red Team Operations
Published: 12/06/2024
Systems Analysis for Zero Trust: Understand How Your System Operates
Published: 12/05/2024
Cyber Essentials Certification Cost and Related Expenses: A Detailed Breakdown
Published: 12/05/2024