Data protection should lie at the heart of a firm’s cybersecurity strategy
There is a mismatch between companies’ expenditure on information technology security systems and the protection of valuable corporate processes. Companies mistakenly believe that buying systems provides robust protection, despite the most important element – data – not being the focus of security strategies.
Identifying critical and valuable information is the first step to protecting it, says digital security company Gemalto Africa identity and data protection manager Neil Cosser.
“Data is at the heart of every business system. Therefore, companies must develop security strategies that are suited to their contexts, including their corporate philosophy and appetite for or aversion to risk.”
Encryption will play a significant role in protecting data, if the encryption is of a high standard.
“Legally, a company that has had encrypted data stolen needs to register only a security breach, not a loss of data. Companies will need to identify and protect, or at least delete, sensitive data,” he explains.
There is no single organisation that can address all data security requirements, and any security technology or system will form part of a company’s security strategy, says Cosser.
Companies must, therefore, design security strategies for their operations, as these will help to identify vulnerabilities and sensitive data; businesses can then consider suitable solutions from various companies to fill identified security gaps.
Such strategies will also enable companies to identify and determine data classification priorities, which further helps to determine what data must be encrypted, he adds.
“Data classification is a significant challenge and, pragmatically, companies should identify critical data to be encrypted. Additional data that need to be secured can then be identified and secured along with the critical data.”
Security strategies must be developed continuously, and an evolution of security planned to address perceived changes to the business processes. An overarching security strategy plan enables additional elements to be included as needed, even if they had not been planned for.
Beyond data identification and protection, role-based identify management will play a significant role in enabling only the correct departments and employees to access data or even only the subsets of data relevant to their functions.
“Leaks often result from people who have access to, but are not technically allowed to access, sensitive data. Further, senior company employees often consider themselves to be exempt from the rules, which makes them especially vulnerable, as they often ignore protocol.
“Access management is in high demand across all sectors, but especially in the financial services sector, and a well-established, role-based access control system is a key element of data security and control,” concludes Cosser.
Comments
The
content
you are trying to access is only available to subscribers.
If you are already a subscriber, you can Login Here.
If you are not a subscriber, you can subscribe now, by selecting one of the below options.
For more information or assistance, please contact us at subscriptions@creamermedia.co.za.
Option 1 (equivalent of R125 a month):
Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format
Option 2 (equivalent of R375 a month):
All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors
including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.
Already a subscriber?
Forgotten your password?
Receive weekly copy of Creamer Media's Engineering News & Mining Weekly magazine (print copy for those in South Africa and e-magazine for those outside of South Africa)
➕
Recieve daily email newsletters
➕
Access to full search results
➕
Access archive of magazine back copies
➕
Access to Projects in Progress
➕
Access to ONE Research Report of your choice in PDF format
RESEARCH CHANNEL AFRICA
R4500 (equivalent of R375 a month)
SUBSCRIBEAll benefits from Option 1
➕
Access to Creamer Media's Research Channel Africa for ALL Research Reports on various industrial and mining sectors, in PDF format, including on:
Electricity
➕
Water
➕
Energy Transition
➕
Hydrogen
➕
Roads, Rail and Ports
➕
Coal
➕
Gold
➕
Platinum
➕
Battery Metals
➕
etc.
Receive all benefits from Option 1 or Option 2 delivered to numerous people at your company
➕
Multiple User names and Passwords for simultaneous log-ins
➕
Intranet integration access to all in your organisation