Cybersecurity - Step 2: Protect your Data
When we see the almost daily reports of a data breach, we seldom think...How many copies of data did they have? Are all the copies of data equally secure? Do they even know how many copies of data that they have and where they all are? Should I start to Panic and move my business elsewhere? Imagine a bank with many safes.
All are protected by the alarm system, but they all don't have the same quality lock. In fact, we don't even know how many safes that we have. Organizations typically have many copies of data. These are used for varied purposes including backups, data exchanges with other organizations, training, analytics as well as software development and software testing.
Each copy of data represents another target for hackers as well as additional opportunities for mistakes. Once an organization performs a sensitive data discovery, they can now determine if they actually need these real copies of data or can most be masked or de-identified. Once the data is masked it is of no value to a hacker and if accidentally divulged it is harmless as it is now fictitious.
Furthermore, the organization can now concentrate its defenses on the remaining locations that have real copies of data. The Attack Surface is reduced effectively minimizing its "hackable footprint" or locations that house the treasure chest of data those hackers crave. As it is not readily apparent to a hacker that data is fictitious, the cost of hacking goes up and the attraction of an organization as a target is greatly reduced.