Page 53 - Cyber Defense eMagazine - October 2017
P. 53

•  Broaden your incident response plans – One of the big changes driven by the
                       cloud has to do with companies’ responses to security incidents. The common
                       wisdom today is that CIOs don’t get fired for allowing a breach – they get fired for
                       their  responses  to  the  breach.  You  need  to  have  a  plan  in  place  and  specific
                       playbooks to follow. This goes for situations where a customer gets breached.

                   •  Take  another  look  at  your  cyber  insurance  –  With  data  in  the  cloud,  you’ll
                       have  new  decisions  to  make  based  on  the  liability  you  hold  and  the  cyber
                       insurance  you  need  to  protect  the  company  in  the  event  of  a  breach.  Do  you
                       have  a  set  of  controls  that  just  covers  the  cost  of  the  investigation?  Do  you
                       understand  the  quantification  of  impact  of  remediating  the  attack  and  getting
                       back to business? And are you bracing for lost revenues?

                   •  Find your data – Data classification and data handling policies are not effective
                       if you don’t know where your critical data is, and who is handling that data. Data
                       governance is now a core function of data protection.


               Protecting data closer to the data itself

               CIOs  themselves  can  answer  how  many  laptops,  servers,  petabytes  of  storage  they
               have.

               But  the  question  they  don’t  often  have  a  good  answer  to  is  where  their  critical  data
               actually  lies.  If  it’s  in  the  cloud,  it’s  critical  to  know  this.  Creating  a  robust  data
               governance function helps the CIO understand the entire lifecycle of that data – where it
               goes, how it moves through business processes, and where the data terminates.


               In the cloud, it’s easy to link systems together to provide customers with a richer user
               experience.  Having  control  over  the  governance  of  the  data  that  flows  through  those
               pipes is critical. Developing a sound governance plan allows companies to protect the
               data and issue reports to regulators regulatory about what they’re doing with that data.

               Cloud computing has changed the paradigm for today’s businesses, giving them broad
               access to data that transform their operations. It also has exposed the data layer to new
               threats that companies need to protect against to achieve their goals. By taking a new
               approach to security, incorporating risk management principles and diligent protective
               techniques, companies can ensure that they’re getting the most out of their data assets.

               About the Author

               Roger Hale is Vice President of Information Security and CISO at Informatica







                    53   Cyber Defense eMagazine – October 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.
   48   49   50   51   52   53   54   55   56   57   58