Cybersecurity has been a key topic during October 2020, with the importance of the topic noted through Cybersecurity Awareness Month, which is a U.S.-centric series of events designed to promote the optimal approaches to digital security.
This includes ensuring there are multiple layers of protection spread across the computers, networks, programs, and data. In an business setting, the people, processes, and technology must all complement one another to create an effective defense from cyberattacks.
Myke Lyons, CISO at Collibra, the data intelligence company, tells Digital Journal about the major data security risks, customer concerns and changes.
Digital Journal: What is the greatest risk to data security right now, and why?
Myke Lyons: Knowing what data you have and where your data are is still challenging. Given the budget constraints security practitioners must focus on protecting assets to different levels depending on their risk profiles. As more and more organizations look to the cloud for data services, governance must be top of mind.
DJ: What are the customer’s biggest concerns?
Lyons: Customer concerns are shifting rapidly, not long ago it was “we can’t move to the cloud” and now it is “we have to move the cloud faster so how can you help us.” Their concerns have mainly been focused on infrastructure controls but are not keying in on how cloud services are built and designed.
DJ: What needs to change?
Lyons: Organizations will need to shift towards a consistent security assessment process using industry standard questions. This will ensure that the best and most applicable questions are asked. For example we have had very in depth challenges from legacy financial institutions on our physical office security while we have a strongly remote workforce and use exclusively cloud services.
DJ: What will change in 5 years?
Lyons: Everything will be cloud, unless you work for a cloud company you may never see a server again! Responsibility for the security of cloud services will become more shared and it will be a partnership with customers rather than a tit-for-tat via legal and contracts. Cyber insurance will follow suit.