regulations. The act of sharing data unlocks collaborative growth opportunities with external partners and
            supply chains, catalyzing economic gains.

            To mitigate data-related risks, companies must transition from traditional tools to innovative solutions that
            meet  industry  compliance  and  enhance  data  accessibility.  For  instance,  strategically  leveraging  third-
            party vendors is essential for harnessing  cloud-managed  data warehouses, applications,  and analytical
            tools, allowing for the responsible extraction of business value from data.

            Further,  the industry  needs to radically  shift their thinking  in the way they approach  the sensitive  data
            problem.  Two questions,  do I have  high risk data like social security  numbers?  More importantly,  how
            many people in your company should see that data in clear text?

            The first question is a security question. The second question is a data consumption one. If the answers
            to the questions are “yes” and “very few” then why protect data at every request by the 99.9% of users?
            Invert the security model and the natural security state for this type of data is protected. Using tokenization
            techniques  obfuscates  the  value  for  a reader  but  maintains  100%  of  the  data  utility  for  analytics.  By
            implementing  this  model,  only  .1%  of  the  requests  require  transformation  to  clear  text.  It  markedly
            improves security posture, widens access to high value customer  data, and accelerates it to the teams
            thirsty to innovate.



            Harnessing Data Responsibly

            Organizations  must  judiciously  select  solutions  that  not  only  comply  with  legal  standards  but  also
            safeguard  sensitive  data  types  such  as  Personal  Identifiable  Information  (PII),  Protected  Health
            Information  (PHI),  Payment  Card  Industry  (PCI),  and  Intellectual  Property  (IP).  Tokenization  is  a
            recommended  approach by the regulatory  bodies because  it is an effective, principled approach that in
            the case of PCI renders systems out of scope for audit.

            Zero trust principles  applied to applications,  users,  and servers is a growing  trend in security because
            when  executed  well it is particularly  effective  for cloud  environments.  Microsoft  summarized  the three
            principles  of  Zero-Trust  as  Assume  Breach,  Verify  Explicitly,  and  Use  Least-Privilege  Access.  By
            implementing  tokenization,  organizations  are  applying  Zero-Trust  directly  to  data.   Minimizing  risk
            throughout  the  data’s  lifecycle  from  collection  to  its  final  application.  This  proactive  approach  to  data
            security is essential.

            In 2023 the security industry was $185 billion and grew 14% year-over-year  yet data compromises  are
            up 78%. It maybe is stating the obvious, but those numbers don’t add up for consumer privacy. Accenture
            estimates  that by  2030  businesses  will  unlock  $3.6T  in data  value.  The  value  of  data for  businesses
            cannot be overstated. By investing in data security, embracing transparency,  and adopting a Zero Trust
            approach, companies can protect sensitive data and maintain the loyalty of their customers.












            Cyber Defense eMagazine – July 2024 Edition                                                                                                                                                                                                          23
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.