•  Using  role-based  access  controls  (RBAC)  to  define  user  roles,  for  people  and  non-human
                   identities alike, to manage permissions for reading, writing, and modifying data — with the context
                   of the data being accessed.
               •  Identifying and eliminating stale data. Security teams must ensure that they know about all the
                   data in the corporate environment. Often, stale data or “ghost” data exists that has been forgotten
                   or lost,  increasing  the  risk  surface  but providing  no  benefit  to the  organization.  By finding  and
                   removing  this  information,  organizations  can reduce  the  overall  risk surface  without  negatively
                   impacting business outcomes.
               •  Hardening data is important, but only possible by identifying all sensitive data in order to encrypt,
                   tokenize, mask, and anonymize data. This makes the data much harder for adversaries to use if
                   they do manage to gain access.
               •  Classifying  and  mapping  data  comprehensively  and  continuously  enables  security  teams  to
                   quickly identify the location, type, and business context of data if a breach occurs, thus making it
                   easier to respond quickly and mitigate the impact of a breach.
               •  Identifying  and protecting  intellectual  property.  Many  organizations  don’t realize  that  there
                   are  categories  of  data  that  are part  of  their core  IP.  This  may  be information  related  to  buyer
                   technology,  investment  strategies,  or  something  else.  Regardless,  this  IP  is  important  to  the
                   business and must be identified and protected, whether from a malicious attacker or inadvertent
                   ingestion by an artificial intelligence model or chatbot.



            Minimize Overall Risk with Trust Boundaries


            Modern  organizations  must  manage  and  secure  vast  and  growing  amounts  of  data  across  diverse
            environments  without  unnecessarily  limiting  how  the  business  can  use  the  data.  To  protect  data
            effectively,  organizations  need  automatic  and  adaptable  controls,  such  as  trust  boundaries.  A  trust
            boundary is the concept of establishing logical frameworks for grouping and managing data or systems
            access  and  control  based  on  the  sensitivity  or  classification  level  of  that  data  to  manage  risk.  While
            security  teams  can control  access  so  that only  those  with a legitimate  need have  access  to sensitive
            data,  the  volume  of  data  today  makes  it  all  but  impossible  to  manage  without  the  automation  and
            intelligent adjustments  based on data context and needs that a trust boundary can provide. Static rules
            and human intervention  simply  cannot keep up with the scale  and speed  at which  modern enterprises
            use data.

            The Ticketmaster breach is far from unique. Indeed, it’s estimated that about 165 of Snowflake’s customer
            accounts  were  affected in the  recent hacking  campaign  targeting  Snowflake’s  customers.  This  should
            serve as a wake-up  call for organizations  worldwide:  it’s time to prioritize data security.  This is not the
            responsibility  of the data warehouse  or technology  vendor, but of each organization  to ensure that the
            right people have the right access to the right data at the right time.











            Cyber Defense eMagazine – August 2024 Edition                                                                                                                                                                                                          138
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.