Why data-centric security matters
The Capgemini and Forrester study showed how organizations are prioritizing cyber-resilience as a way to scale data-centric security.
Data-centric security dominates budgets. Of the 75% of companies planning to increase their cybersecurity budgets in response to COVID-19, the majority of the respondents (71%) said they prioritized data-centric security. A health care CISO told VentureBeat they accelerated their plans to build out zero trust frameworks in response to new security concerns and requirements over the past year. Protecting existing and new digital sales channels was always important, but it became urgent during the pandemic because of changes in customer buying patterns, the CISO said.
Cyber-resiliency protects revenue. Threats to organizations’ channels, operations, and revenue increased over the past year in comparison to levels seen before the pandemic, according to 68% of the survey respondents. A little over three-quarters of the survey participants (79%) said their digital business grew too quickly to keep up with, making it harder to keep their organizations cyber-resilient. Six in 10 organizations don’t have the right tools or technology they need, which explains why the report found that cybersecurity spending increased by 66% last year.
Defining a cyber-resilient roadmap. Organizations are developing cyber-resiliency roadmaps as part of their zero trust initiatives. They want greater visibility across every endpoint enterprise-wide and to be able to enforce least privileged access to every data asset. They also want to reduce risk and internal barriers to online revenue growth. The Capgemini/Forrester study found two other things IT leaders want: skilled employees and foundational security controls.
Getting started with data-centric security. By definition, data-centric security is a framework with supporting methodologies and classification taxonomies that need to be an organization-wide initiative to succeed. With cybersecurity attacks concentrating on data assets, endpoints, and identities during the pandemic, organizations opt for the zero trust framework as their data-centric security strategy.
Capgemini and Forrester’s report provides a timely glimpse into how organizations translate their data-centric investments into concrete security plans. Data-centric models deliver the most value when they improve application, tool, and device visibility across organizations. Identity and access management (IAM), cybersecurity controls, and endpoint security provide that level of visibility. Leading vendors in IAM include BeyondTrust, Centrify, CyberArk, Ivanti, and Thycotic. Leading endpoint security vendors include Absolute Software, CrowdStrike, Cybereason, and Ivanti.
The study provides compelling results that reflect how cyber-resilience is essential to protecting revenue, defining a data-centric security roadmap, and managing cybersecurity decisions from a business perspective first.
Investing in cybersecurity is now primarily a business decision, rather than a technological one. The increasing cyberattacks on data assets, endpoints, and identities directly impact revenue and can thwart new online sales channel growth. The NSA’s prescriptive guidance on zero trust comes just as many organizations are struggling to define their data-centric security strategies.
“Zero trust is a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgment that threats exist both inside and outside traditional network boundaries,” the NSA said in its guidance.
Data-centric security dominates budgets. Of the 75% of companies planning to increase their cybersecurity budgets in response to COVID-19, the majority of the respondents (71%) said they prioritized data-centric security. A health care CISO told VentureBeat they accelerated their plans to build out zero trust frameworks in response to new security concerns and requirements over the past year. Protecting existing and new digital sales channels was always important, but it became urgent during the pandemic because of changes in customer buying patterns, the CISO said.
Cyber-resiliency protects revenue. Threats to organizations’ channels, operations, and revenue increased over the past year in comparison to levels seen before the pandemic, according to 68% of the survey respondents. A little over three-quarters of the survey participants (79%) said their digital business grew too quickly to keep up with, making it harder to keep their organizations cyber-resilient. Six in 10 organizations don’t have the right tools or technology they need, which explains why the report found that cybersecurity spending increased by 66% last year.
Defining a cyber-resilient roadmap. Organizations are developing cyber-resiliency roadmaps as part of their zero trust initiatives. They want greater visibility across every endpoint enterprise-wide and to be able to enforce least privileged access to every data asset. They also want to reduce risk and internal barriers to online revenue growth. The Capgemini/Forrester study found two other things IT leaders want: skilled employees and foundational security controls.
Getting started with data-centric security. By definition, data-centric security is a framework with supporting methodologies and classification taxonomies that need to be an organization-wide initiative to succeed. With cybersecurity attacks concentrating on data assets, endpoints, and identities during the pandemic, organizations opt for the zero trust framework as their data-centric security strategy.ADVERTISEMENT
Capgemini and Forrester’s report provides a timely glimpse into how organizations translate their data-centric investments into concrete security plans. Data-centric models deliver the most value when they improve application, tool, and device visibility across organizations. Identity and access management (IAM), cybersecurity controls, and endpoint security provide that level of visibility. Leading vendors in IAM include BeyondTrust, Centrify, CyberArk, Ivanti, and Thycotic. Leading endpoint security vendors include Absolute Software, CrowdStrike, Cybereason, and Ivanti.
The study provides compelling results that reflect how cyber-resilience is essential to protecting revenue, defining a data-centric security roadmap, and managing cybersecurity decisions from a business perspective first.
Investing in cybersecurity is now primarily a business decision, rather than a technological one. The increasing cyberattacks on data assets, endpoints, and identities directly impact revenue and can thwart new online sales channel growth. The NSA’s prescriptive guidance on zero trust comes just as many organizations are struggling to define their data-centric security strategies.
“Zero trust is a security model, a set of system design principles, and a coordinated cybersecurity and system management strategy based on an acknowledgment that threats exist both inside and outside traditional network boundaries,” the NSA said in its guidance.