Data breaches are expensive for organisations and hugely profitable for those in the business of identity theft, credit card fraud and cyber-espionage. The costs of a single high-profile data breach can be millions of dollars and take months to resolve even after being detected[i].
One of the main reasons organisations take so long to detect and remediate breaches is that they are unsure where their high-risk data is stored and can't target those systems for investigation. Instead, they must take the time to collect data from a wide range of sources which may include employees' 'bring your own' devices. Alternatively, they can collect from a random sample of devices, but they risk missing the compromised systems.
To further complicate the search, typically 80% of an organisation's data is unstructured human-generated information including email and the contents of file shares. It often lives in proprietary formats such as email databases and archives that are difficult to search and understand.
Meanwhile, the clock is ticking: data has gone missing, costs are building up and there is an ever-present risk that someone could exploit the same vulnerability again to do more damage.
Knowing this, information security, information governance and records management specialists must become 'good shepherds' of their data to reduce the costs and extent of cybersecurity breaches. In this model, data shepherds know where all the sheep are, segregate them into separate fields, make sure the fences between fields are sound and regularly check to ensure the sheep are healthy and not due to be made into shepherd's pie. In this way, even if a wolf manages to get into one of the fields, most of the flock will be safe.
Applying this model can have a huge impact on how secure your organisation is from data breaches and how effectively you can respond to incidents - internal or external, deliberate or accidental. It also gives you a clearer understanding of what your data is worth, so you can concentrate on protecting the high-value data and easily calculate the return on your security investments.
Here are four steps to becoming a good shepherd:
1. Defensibly delete data that has no business value
Organisations store large volumes of electronic detritus. That's data that has no business value because it's duplicated, trivial, no longer used or past its retention period. It may contain unknown business risks or confidential information. While most organisations have strict compliance rules around how long they must retain data, once the retention period is over, the risks and costs of keeping that data greatly outweigh any residual value. Deleting this low-value data, according to pre-defined and legally sanctioned rules, reduces risks and also minimises the volume of data that could be compromised. This, in turn, reduces the scope of a post-breach investigation.