Data protection should lie at the heart of a firm’s cybersecurity strategy

22nd May 2015

By: Schalk Burger

Creamer Media Senior Deputy Editor

  

Font size: - +

There is a mismatch between companies’ expenditure on information technology security systems and the protection of valuable corporate processes. Companies mistakenly believe that buying systems provides robust protection, despite the most important element – data – not being the focus of security strategies.

Identifying critical and valuable information is the first step to protecting it, says digital security company Gemalto Africa identity and data protection manager Neil Cosser.

“Data is at the heart of every business system. Therefore, companies must develop security strategies that are suited to their contexts, including their corporate philosophy and appetite for or aversion to risk.”

Encryption will play a significant role in protecting data, if the encryption is of a high standard.

“Legally, a company that has had encrypted data stolen needs to register only a security breach, not a loss of data. Companies will need to identify and protect, or at least delete, sensitive data,” he explains.

There is no single organisation that can address all data security requirements, and any security technology or system will form part of a company’s security strategy, says Cosser.

Companies must, therefore, design security strategies for their operations, as these will help to identify vulnerabilities and sensitive data; businesses can then consider suitable solutions from various companies to fill identified security gaps.

Such strategies will also enable companies to identify and determine data classification priorities, which further helps to determine what data must be encrypted, he adds.

“Data classification is a significant challenge and, pragmatically, companies should identify critical data to be encrypted. Additional data that need to be secured can then be identified and secured along with the critical data.”

Security strategies must be developed continuously, and an evolution of security planned to address perceived changes to the business processes. An overarching security strategy plan enables additional elements to be included as needed, even if they had not been planned for.

Beyond data identification and protection, role-based identify management will play a significant role in enabling only the correct departments and employees to access data or even only the subsets of data relevant to their functions.

“Leaks often result from people who have access to, but are not technically allowed to access, sensitive data. Further, senior company employees often consider themselves to be exempt from the rules, which makes them especially vulnerable, as they often ignore protocol.

“Access management is in high demand across all sectors, but especially in the financial services sector, and a well-established, role-based access control system is a key element of data security and control,” concludes Cosser.

Edited by Martin Zhuwakinyu
Creamer Media Senior Deputy Editor

Comments

The functionality you are trying to access is only available to subscribers.

If you are already a subscriber, you can Login Here.

If you are not a subscriber, you can subscribe now, by selecting one of the below options.

For more information or assistance, please contact us at subscriptions@creamermedia.co.za.

Option 1 (equivalent of R125 a month):

Receive a weekly copy of Creamer Media's Engineering News & Mining Weekly magazine
(print copy for those in South Africa and e-magazine for those outside of South Africa)
Receive daily email newsletters
Access to full search results
Access archive of magazine back copies
Access to Projects in Progress
Access to ONE Research Report of your choice in PDF format

Option 2 (equivalent of R375 a month):

All benefits from Option 1
PLUS
Access to Creamer Media's Research Channel Africa for ALL Research Reports, in PDF format, on various industrial and mining sectors including Electricity; Water; Energy Transition; Hydrogen; Roads, Rail and Ports; Coal; Gold; Platinum; Battery Metals; etc.

Already a subscriber?

Forgotten your password?

MAGAZINE & ONLINE

SUBSCRIBE

RESEARCH CHANNEL AFRICA

SUBSCRIBE

CORPORATE PACKAGES

CLICK FOR A QUOTATION