An organization’s data and secrets are simultaneously its greatest assets and its greatest risks.
By Howard Ting, CEO, Cyberhaven
Recently, Twitch suffered a devastating hack that exposed its most sensitive data and intellectual property, including source code, unreleased product information, streamer earnings, and more. For security teams and enterprise leaders, this attack should make the hair on the back of their necks stand up. This is a worst-case-scenario breach, designed to cause maximum disruption, and yet there wasn’t any regulated data in sight.
The attack was all about exposing the IP and trade secrets of the business itself. Recent ransomware attacks have followed a similar blueprint by threatening to expose an organization’s secrets. This changes how an organization must view the risk to its data. While a traditional ransomware attack can be measured in downtime, when secrets are published, the damage is permanent. Data risk must now be viewed in truly strategic terms, not just operational.
Coincidentally, this was the same week that Facebook was once again scrambling to contain the fallout from leaked internal documents and information. These events require organizations to reassess how they use and protect their most sensitive data. It isn’t enough to simply quarantine away PCI or HIPAA-regulated data and call it a day. Virtually all enterprise data is now in play when it comes to risk. Yet at the same time, data is being shared more than ever before, and collaboration is an essential part of modern work. Organizations must be ready to navigate this apparent paradox to get the most out of their data while minimizing the risk.
The Two Faces of Enterprise Data
An organization’s data and secrets are simultaneously its greatest assets and its greatest risks. On its good side, data is the oxygen that keeps the enterprise alive and lets it thrive. And like oxygen, data needs to move and be consumed so that users can collaborate and create. And today this sharing occurs across a constantly evolving suite of applications and services including sanctioned enterprise apps as well as personal use apps.
Yet all this sharing and collaboration opens the door to loss, misuse, or abuse of that data and can transform data from Jekyll to Hyde. Viewed from the perspective of risk, data is less of a life-giving oxygen and more like a self-spreading, self-replicating virus. Every user that downloads sensitive data could potentially make a copy. Data could be copy/pasted into another file, uploaded to a personal cloud, or shared via chat, personal email, or countless other methods. Every data access can turn into a number of unseen derivatives, each with its own potential for loss or misuse.
Focus on the Data Actions
So which is it? Is our data oxygen or a toxic virus? The answer is that it is both. The difference between data being nourishing or toxic depends on the actions and context surrounding it. The good or bad rests in how the data moves, is modified, and shared. Just as importantly, we need to know the data’s history. Where did the data come from? What user or app created it and how has it changed? So not only do we need to know the actions surrounding a piece of data, we need to know its lineage.
The Way Forward
Organizations need a new approach to data security that can provide this lineage and resolve the Jekyll and Hyde problem by passively watching how data is created, modified, and shared. Every action must be tracked and correlated to build a complete history of every piece of data. This opens up a far more powerful approach to securing data that lets organizations do the following:
- Secure Any Type of Data – Any data can be traced and analyzed without the need for signatures or tagging. This lets organizations protect virtually any type of IP or content based on its actual value to the enterprise. Source code, ML models, financial projections, and product designs can all be protected equally easily.
- Safely Enable Work and Collaboration – Users need to share and collaborate to do work without losing control. Policies can align with business processes to define how data can be shared and with whom while preventing oversharing or misuse.
- Find Unseen Risk – The hardest part of security is often to control the “unknown unknowns”. Enterprises need a tool that automatically and continuously traces all data, which can find sensitive data in places the security team didn’t even know to look.
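As an added illustration of the lineage approach described above (example code written for this page, not Cyberhaven's product or code), the Python below correlates a constructed log of data actions into a derivation graph, so that every download, copy or paste of a file inherits its origin's sensitivity, and any egress of a derivative to an unsanctioned destination is flagged without any content signature or tag. The event schema, action names and the sanctioned-destination list are assumptions.

```python
from collections import defaultdict

# Constructed sample action log (not real telemetry). Each record is one
# observed data action: "src" is the object acted on, "dst" the object or
# destination produced. Deriving actions create a new object from a parent.
EVENTS = [
    {"action": "create",   "user": "alice", "src": None,                  "dst": "repo/core.c"},
    {"action": "download", "user": "bob",   "src": "repo/core.c",         "dst": "bob:/tmp/core.c"},
    {"action": "paste",    "user": "bob",   "src": "bob:/tmp/core.c",     "dst": "bob:/docs/notes.docx"},
    {"action": "upload",   "user": "bob",   "src": "bob:/docs/notes.docx","dst": "personal-drive"},
    {"action": "share",    "user": "alice", "src": "repo/core.c",         "dst": "chat:#eng"},
    {"action": "create",   "user": "carol", "src": None,                  "dst": "q3-forecast.xlsx"},
    {"action": "upload",   "user": "carol", "src": "q3-forecast.xlsx",    "dst": "sanctioned-drive"},
]

DERIVING = {"download", "paste", "copy", "rename", "export"}  # produce a new object
EGRESS = {"upload", "share", "email"}                         # move an object to a destination
SANCTIONED = {"sanctioned-drive", "chat:#eng"}                # assumed allow-list

def build_lineage(events):
    """Return (children, sinks): parent -> derived objects, object -> [(dst, user)]."""
    children, sinks = defaultdict(list), defaultdict(list)
    for e in events:
        if e["action"] in DERIVING:
            children[e["src"]].append(e["dst"])
        elif e["action"] in EGRESS:
            sinks[e["src"]].append((e["dst"], e["user"]))
    return children, sinks

def descendants(children, origin):
    """All objects derived (transitively) from origin, including origin itself."""
    seen, stack = set(), [origin]
    while stack:
        obj = stack.pop()
        if obj in seen:
            continue
        seen.add(obj)
        stack.extend(children.get(obj, []))
    return seen

def exposure(events, origin, sanctioned=SANCTIONED):
    """Every destination reached by origin or a derivative; True marks unsanctioned egress."""
    children, sinks = build_lineage(events)
    report = []
    for obj in sorted(descendants(children, origin)):
        for dst, user in sinks.get(obj, []):
            report.append((obj, dst, user, dst not in sanctioned))
    return report

if __name__ == "__main__":
    for row in exposure(EVENTS, "repo/core.c"):
        print(row)  # the notes.docx upload is reached only through lineage
```

The source file itself was never uploaded anywhere unsanctioned; the exposure is found only because the pasted fragment in notes.docx is linked back to it.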
In the end, data doesn’t have to be treated as Jekyll or Hyde. Instead, security policies can automatically follow the true value of the enterprise and adapt to how it is actually being used.
About the Author
Howard Ting is the CEO of Cyberhaven, a role he took on in June 2020. In the past decade, Howard played a critical role in scaling Palo Alto Networks and Nutanix from initial sales to over $1B in revenue, generating massive value for customers, employees, and shareholders. Howard has also served in GTM and product roles at Redis Labs, Zscaler, Microsoft, and RSA Security. Howard can be reached on Twitter and at our company website https://www.cyberhaven.com/.