{"id":44525,"date":"2024-12-03T12:14:38","date_gmt":"2024-12-03T12:14:38","guid":{"rendered":"https:\/\/www.techmagazines.net\/?p=44525"},"modified":"2024-12-03T12:14:40","modified_gmt":"2024-12-03T12:14:40","slug":"5-common-data-security-gaps-and-how-dspm-can-fill-them","status":"publish","type":"post","link":"https:\/\/www.techmagazines.net\/5-common-data-security-gaps-and-how-dspm-can-fill-them\/","title":{"rendered":"5 Common Data Security Gaps and How DSPM Can Fill Them"},"content":{"rendered":"Reading Time: <\/span> 6<\/span> minutes<\/span><\/span>\n

Katrina Thompson<\/p>\n\n\n\n

Data Security Posture Management (DSPM) has been in the public security eye since about 2022 when the term was coined by Gartner. However, at the time it only had about 1% market saturation. As of last year, it had no less than a full fifth (20%, per ….). <\/p>\n\n\n\n

Why the meteoric rise? Because DSPM plugs some crucial security gaps that have been hard to plug in any other way. A lot of these gaps remain because the digital terrain has become increasingly broad (think multi-cloud, remote work, and lengthening supply chains) as well as deep (shadow data, hidden APIs, petabytes of big data that need to be accounted for).<\/p>\n\n\n\n

Current solutions like CSPM (Cloud Security Posture Management) and XDR (Extended Detection and Response) are great for securing the places in which data resides, but there are still areas between those places where data falls through. <\/p>\n\n\n\n

Here are just five of the most common data security gaps and how DSPM can fill them. <\/p>\n\n\n\n

    \n
  1. Data transferred and stored via unconventional means\u00a0<\/strong><\/li>\n<\/ol>\n\n\n\n

    The term \u2018unconventional\u2019 in this case is increasingly becoming conventional, but the fact remains that these are methods that most traditional security solutions fail to secure properly.<\/p>\n\n\n\n

    Think about when information gets copied and pasted from Box and into a company-wide PowerPoint presentation. Let\u2019s say that the Box repository was access-protected and that the employee who accessed it had the permission to do so. Traditional security tools would call that good \u2013 all the rules are being followed. But what would track the fact that that data now resides on a PPT that was emailed to \u201cAll Users\u201d? And how does a company track where it goes from there?<\/p>\n\n\n\n

    Via data lineage, DSPM tools can show organizations where their data originated, where it was moved, how it was used, and where it was seen last. This helps SOCs know when something has gone amiss and when compliance policies are breached. <\/p>\n\n\n\n

    Additionally, proxies, firewalls, and CASBs (Cloud Access Security Brokers) are losing visibility into data bound for unsanctioned cloud apps (that require end-to-end encryption or certificate pinning), and DSPM can leverage data lineage and mapping to keep that information within an organization\u2019s line of sight. <\/p>\n\n\n\n

      \n
    1. Dark data\u00a0<\/strong><\/li>\n<\/ol>\n\n\n\n

      Another place where data falls through the cracks is in the realm of dark data. Dark data is defined by Gartner as \u201cthe information assets organizations collect, process and store during regular business activities, but generally fail to use for other purposes (for example, analytics, business relationships and direct monetizing).\u201d<\/p>\n\n\n\n

      This undiscovered data could be one of an organization\u2019s biggest untapped assets. As IBM<\/a> notes, \u201cDark data often comes about because of silos within the organization. One team creates data that could be useful to another, but that other team doesn\u2019t know about it.\u201d Once it is discovered and used, it can then \u201c[go] from sitting around to providing immense value.\u201d<\/p>\n\n\n\n

      DSPM tools have the capacity to uncover instances of dark data, classify them, and prepare them to be leveraged by their organizations. They can also help define the risk associated with these unbound, undisclosed assets and help data governance tools reach them. <\/p>\n\n\n\n

      Keep in mind that DSPM is still very much an evolving field; some DSPM tools provide this, some don\u2019t. In a rundown of the top ten DSPM products of 2024<\/a>, data security firm Cyberhaven pointed to BigID as one vendor in particular that can offer this capability.<\/p>\n\n\n\n

        \n
      1. Shadow data<\/strong><\/li>\n<\/ol>\n\n\n\n

        Shadow data, or shadow assets, are similar to dark data in that they\u2019re undiscovered. They differ in that they might not be particularly useful to an organization. In fact, they are most likely a huge liability. <\/p>\n\n\n\n

        When developers spin up APIs, for instance, some get deployed for testing and forgotten by the wayside as the rapid pace of development pushes things along. All too often, those old beta APIs are left fully functional and unprotected. Then, a nosy threat actor comes along and shows the organization what a shadow API can (still) do. <\/p>\n\n\n\n

        We want to avoid these instances. However, it\u2019s much too hard for developers to retrace their steps and find them all, much less take the time to work hand-in-hand with security to do so (even though DevOps is very much a thing. It\u2019s just not ubiquitously adopted across all organizations yet). How hot are shadow APIs to the cybercrime economy? One report suggests that over 31% of all malicious requests<\/a> (roughly 5 billion out of 16.7 billion total) targeted these unknown and unaccounted-for application programming interfaces. And there are still shadow IoT, shadow IT, shadow SaaS, and more. <\/p>\n\n\n\n

        DSPM solutions are positioned to find instances of shadow data and bring them into the light. They can scan for unstructured or structured data, searching across \u201ca variety of cloud environments and read from various databases, data pipelines, object storage, disk storage, managed file storage, data warehouses, lakes, and analytics pipelines \u2014 both managed and self-hosted,\u201d as noted by cybersecurity company Rubrik<\/a>.<\/p>\n\n\n\n

          \n
        1. Cloud-native data environments<\/strong><\/li>\n<\/ol>\n\n\n\n

          This is another huge gap in which traditional security measures fall short. We all know about the shared responsibility model in which CSPs (cloud service providers) provide some pieces of the security pie, and customers are responsible for the others. That\u2019s fine, but we also know that on-premises security still is not a direct transfer into cloud environments, and new, cloud-savvy experts are hard to come by. It seems that threat actors know this, as 82% of breaches involved cloud-stored data in 2024, per IBM\u2019s Cost of a Data Breach Report 2024<\/a>. There must be room for improvement somewhere.<\/p>\n\n\n\n

          DSPM is especially suited to finding data in the cloud, even across multiple cloud environments \u2013 and let\u2019s face it, most companies are using multi-cloud these days. Per Statista<\/a>, \u201caround 57 percent of respondents stated that their organization’s primary use of multi-cloud was apps siloed on different cloud[s],\u201d according to a 2024 survey.\u00a0<\/p>\n\n\n\n

          DSPM locates, identifies, and protects data assets in the cloud \u2013 any and all of them \u2013 by using a mixture of AI, machine learning, and integrations with available tools. These tools include:<\/p>\n\n\n\n