There is no doubt that Data Security is a top-of-mind concern for security professionals the world over – it is often cited as the #1 concern for CIOs and CISOs, especially as they aim to collect and harvest increasing amounts of data to fuel their AI initiatives. However, the community is still in the early innings of figuring out what to do about it – they lack the established frameworks and guidelines that have become standard in fields like application security and cloud security. While AppSec has its OWASP Top 10 and cloud security relies on CSA STAR, the data security community has to navigate without a similar compass. What they do have, instead, is a confusing alphabet soup (DSPM, DAM, DAC, etc) and products that all claim to do the same thing.
An increasing number of security teams are now settling on data discovery as the first step in any data security, data governance, and data privacy initiative. However, while this seems intuitive, it quickly gets beset with two challenges:
- The ubiquity of data across a diverse array of services and infrastructure poses the first hurdle which makes data discovery and classification very cumbersome.
- Ownership of data becomes an issue as the teams try to figure out how to analyze their findings and prioritize remediation.
The heterogeneity of data sources often results in data security getting stuck – very long running projects that often run very long and don’t yield the results organizations expect. That’s why we are excited to announce two new offerings of our data security platform today.
The first one is a completely self-service offering for engineering teams that want to automate security and enforce data security contracts. As we worked closely with our customers and partners, it became abundantly clear that multiple teams need to collaborate with each other to secure data without curtailing the business and disrupting user productivity. Cyral enables teams to embrace a GitOps model for data security, in which access control, protection policies and privacy rules can all be managed from within a central Git repository that data, security engineering, devops and privacy teams can all collaborate on.
The second offering, Dmap, is a free discovery and classification tool for any security, IT or ops teams that want to build an inventory of their most sensitive data. Last year we did a prioritization survey of hundreds of security professionals across multiple events and forums, and databases consistently ranked at the top of the list of data stores by the importance for data security. We also learned how confusing the messaging and preposterous the claims were of many vendors in the data security space. As a result, we embraced the decision to build it as a community product, focused on databases, while making it completely free and open-sourcing key components of the software. We are releasing the first version of this service today for managed databases on AWS, along with our roadmap so that other members of the community will guide, and hopefully even join, our effort to extend it and make it more valuable for everyone.
We are incredibly excited about the launch today and hope this gets data security unstuck at many organizations.
Interested in learning more about Dmap? Visit the link below and sign up today!
