Thales eSecurity Blog

7 Habits of a Highly Effective CISO: 2019 Data Security Resolutions

Tina Stewart | VP of Market Strategy

It’s 2019 and data is everywhere – and what you can do with what is at your fingertips is truly transformative. It changes the way you look at your business, improves your productivity and simplifies your life, whether by helping you get home at night, buy groceries or decide what to watch on any number of devices. Personally, and for business, the possibilities are endless and increasing by the minute. Unfortunately, with every possibility a new security risk appears, and as a CISO you are well aware of the implications. So, what are some habits you can resolve to adopt this coming year to ensure you and your business are making the most of your data while keeping it secure?

  1. Who Needs to Buy In to Your Security Strategy?
    Successful security teams align with business objectives from the beginning of any project to realize the most success. Where to start: To get the support of the entire organization, communicate the benefits of a strong security strategy to all decision makers. Everyone wants to buy in to a winning strategy.
  2. Where Are You Keeping the Keys?
    Adopting multi-cloud strategies makes sense for companies with diverse needs. In fact, it’s no longer unusual for enterprises to run their SaaS, IaaS and PaaS from different providers, all in parallel with their on-premises systems. However, multi-cloud environments demand a more thorough focus on security, so encryption with sophisticated multi-cloud key management is a must-have solution.
  3. How Do You Select a Trusted Vendor?
    With multi-cloud deployment comes the need for security leaders to choose the right third-party vendors to trust. One of our recent blogs highlights tips to help with selecting and confirming trust in your third-party vendors, and this rings true now more than ever. Thoroughly vet all vendors from the HVAC supplier to the network provider in order to minimize threats.
  4. What’s in that Big Data Lake?
    With the uptick in digital transformation that we’re seeing, Big Data is spreading far and wide, bringing genuine security concerns with it. Unlike traditional databases, Big Data is unstructured and any sensitive data can go into a data lake (which holds data in its raw format) and then show up later in a report. If you’re leading a global company with sensitive data from countries with data privacy laws (think: EU and GDPR today; U.S. and other countries coming on soon), being out of compliance becomes a huge and costly risk. Consider utilizing tokenization and application encryption to selectively protect sensitive data before it goes into the data lake or Big Data platform.
  5. Can More Containers Securely Contain?
    In the coming year, we’re going to see more DevOps teams implementing containers because of the technology’s benefits, like flexibility and reduced costs. However, containers weren’t inherently designed with strong security features. If you plan to implement this technology, protecting sensitive data is a priority. Your best bet is to ensure that sensitive data stored within containers and accessed from containers is protected with encryption. Check out our Vormetric Transparent Encryption Container Security solution with controls for data encryption, access control and data access audit logging for data within or linked to containers, such as in Docker or OpenShift environments.
  6. Maybe It’s Time to be More Secure Up the Application Stack?
    From the disk level all the way up to the application level, each layer of the technology stack requires a different approach to security. Overall, the lower in the stack that encryption is deployed, the simpler and less intrusive the implementation will be. However, while implementing encryption lower in the stack does a great job, going higher in the stack, to the application level, enables you to realize a higher level of data protection and mitigate more threats. Maybe it’s time for Data Tokenization: Protect Sensitive Data at the Application Level.
  7. Is GDPR the Gold Standard of Compliance for Now?
    Finally, don’t forget about compliance with regulations such as GDPR. Furthermore, new regulations like the California Consumer Privacy Act are already making major improvements for data privacy. As a result, many CISOs will need to put compliance high on the priority list in 2019.

We closed out 2018 with increased digital transformation and new technologies – but with that came more potential threats than ever before. We’ll be examining the threat landscape further in our global Data Threat Report later this month. In the meantime, keep working toward your security resolutions and you’ll be in good stead for addressing security for your organization in 2019.