The cyber-blocks that stem the flow of digital data

Far too often, data exposures go completely unnoticed by the organization due to a lack of visibility into their environment.

The technology industry was recently rattled when a Silicon Valley VC Firm leaked so-called ‘Deal Flow’ data. The activity exposed 6GB of sensitive data including information pertaining to investors and startups.

Deal flow is a term used to describe the rate at which business proposals and investment pitches are being received. This is a somewhat qualitative measure, one designed to indicate whether an individual business is classed as financially good or bad.

The data belonged to Plug and Play Ventures, which is headquartered in Sunnyvale, California, and has offices around the world.

Looking at this issue for Digital Journal is Pravin Rasiah, VP of Product, CloudSphere.

Rasiah  begins his analysis noting that firms need to work hard to protect the data of their clients: “When entrusted with highly classified data such as investor/startup deal flow information, organizations must be hypervigilant in their security practices.”

Despite some examples of good players, there are more weaknesses in the system. Rasiah notes: “Far too often, exposures such as these go completely unnoticed by the organization due to a lack of visibility into their environment.”

This arises due to a distinct lack of proactive action. Here Rasiah finds: “Too many companies are not monitoring their security policies regularly and are therefore failing to remediate misconfigurations or turn off access once no longer needed.”

Such monitoring deficiencies allow “malicious actors an easy avenue to sensitive company data for a prolonged period.”

With Plug and Play Ventures  case, an ethical security researcher discovered the leak almost an entire year later.

This is a clear signal that more robust solutions are necessary. Rasiah  makes the following recommendations: “To better protect cyber assets, businesses should ensure their security tools provide comprehensive, real-time visibility into their cloud and hybrid environments. With proper guardrails in place and real-time monitoring, businesses can operate confidently knowing that all sensitive data is secure.”

