Understanding Data Security Risks

Risk Group Founder, Jayshree Pandya PhD discusses “Data Security” with Dinesh O Bareja, Chief Operating Officer (COO) of Open Security Alliance & Pyramid Cyber Security based in United Arab Emirates (UAE)   Introduction Each one of us, across nations live in an age where cyber criminals can compromise any kind of data and information that can belong to any individual or any entity across nations: its governments, industries, organizations and academia (NGIOA). Complex as it is, there doesn’t appear to be an easy way to halt this growing surge of cyber-attacks from anywhere and everywhere. When “data” is fundamentally the life force of a digital global age, the ever-increasing data security breaches are becoming a growing problem for each nation and its components. From the small security breaches to big and low profile attacks to high, data breaches, cyber-attacks, stolen data and data manipulation are practically becoming a normal affair for each NGIOA. No NGIOA seems to be immune to the data security challenges. Irrespective of personal data, corporate data, government data or big data, securing data and information is proving to be very complex in a digital global age. While data security faces its unique security challenges in geospace, it is also an issue for cyberspace, and with the amount of digital data ever expanding and exploding across nations, knowing what the true values of the cyber breaches are, will become more and more challenging in both geospace and cyberspace. Digital Global Age: Data Security Before one can evaluate if the data is secure, it is important to understand and evaluate how entities across NGIOA define data and data security. It is also important to understand and evaluate what data security means to decision makers across nations: its government, industries, organizations and academia (NGIOA). In addition, it is important to understand how the decision makers across NGIOA envision “data security” for their respective organizations. Unless we understand this, it is not possible to have an effective approach to data security irrespective of cyberspace or geospace. Cloud: Data Security The growing use of cloud brings more security challenges to already vulnerable digital data. It is important to evaluate how decision makers across NGIOA-I address the security risks of cloud. It is also important to understand and evaluate whether: * Cloud service providers encrypt data at rest * Cloud service providers provide multi-factor authentication * Cloud service providers undergo regular penetration testing Growing use of cloud brings complex security challenges as data is consolidated in one place and hackers have to hack only one site to get access to large amount of data of numerous individuals and entities across nations. This is a critical security risk facing each entity across NGIOA. Data Security Risks Nations today face the data destruction, deletion and manipulation threat. The cyber-criminals and attackers don’t just steal data; but they also delete it or manipulate it. This is a critical risk facing all entities within and across nations. As rebuilding data systems that are wiped or manipulated is time-consuming and expensive, good data backups are becoming essential for each individual and entity across NGIOA. There have been on-going high-profile data breaches involving the theft of not only financial data, but also theft of intellectual property data and more. Amidst that how can entities across NGIOA: * Address the data theft using technology * Ensure effective data security technology * Encrypt data while controlling their own encryption keys * Employ tokenization to ensure data privacy in addition to security