How much do you think data is worthy of companies such as Google or Facebook? You might be surprised, according to a Netflix documentary the Great Hack, Data for these companies is worth more than the price of oil! The question is how valuable is your data?
In this modern age of big data and analytics, data is the queen, which should be protected securely. What I have found is before the enforcement of EU GDPR, in the context of personal data most organisations do not know where their data resides (data storage), how much they process (number of records), what type of data they process, which critical business processes that are processing the data, hence the question comes how can you protect your data?
In my view, first, everything starts with architecture, data architecture for this matter will drive everything in regards to people, processes, and technology from the data strategy, data protection strategy, and data breaches response plans. Do you have data architects? Do you use a data architecture framework such as DAMA, TOGAF? Maybe that’s the best resources to start at https://dama.org/ ; https://pubs.opengroup.org/architecture/togaf91-doc/arch/chap10.html
Secondly, organisations need to map the flow of the data from the time when the data enters the organisation, processed, go out of the organisation or if it requires to be disposed of securely. On all these processes, security should be embedded by design and not an afterthought.
Data as your queen needs to be protected all the time, the same way this applies in chess, the same way applies in the real life, the way monarchies are being protected over the centuries, use the same concept when protecting the organisation’s data that matter to you. All the best 🙂
The Cybersecurity Consultant 