What We Heard at RSA
It was great to see everyone at this year’s RSA conference! The year’s biggest industry event is an ideal opportunity to gain insight into the trends and developments that are shaping the future of cybersecurity. Here’s a quick rundown of the recurring themes we heard in our conversations with information security professionals from around the world.
Discovery and Classification are Must-Haves
By now, it’s clear that perimeter protection is not the answer. Firewalls and device protection can only do so much. A data-centric approach to dealing with cyber threats is the key to remaining secure and competitive in a rapidly-changing world. However, data-centric security is only practical when organizations have full visibility and control over the sensitive data on their servers, laptops, and desktops. That's why data discovery and data classification have become essential capabilities—without the ability to detect and tag files containing sensitive information, organizations cannot ensure that data is protected against theft and misuses.
GDPR Is Still a Question Mark
The deadline to comply with Europe’s General Data Protection Regulation (GDPR) is May 25. Though it’s less than a month away, there still seems to be some uncertainty (and therefore, a lack of preparedness) around the regulation. Will GDPR supervisory authorities really fine organizations 4% of their annual revenue? What is an organization expected to do when a user invokes the right to be forgotten? What sort of auditing and reporting will EU authorities require?
Most of the security professionals we spoke to at RSA said that they expect it will take several years—and several hundred legal challenges—before anyone really knows how GDPR has changed the world of data protection. Until then, the best bet is to implement strong protection, including persistent encryption, for the personal information organizations are collecting and processing in the EU.
It's Time to Close Security Gaps
The diverse nature of enterprise information systems, in which data must travel across multiple platforms and operating systems, internally and externally, creates a variety of potential threats. Sensitive data is often exposed to theft, loss, and inappropriate access, especially when organizations need to remove and re-apply protection as data moves from one system to another. These security gaps are the weakest points in any organization's defenses, and are easy for hackers and malicious insiders to identify and attack.
Smartcrypt Can Help!
PKWARE’s Smartcrypt enables unprecedented visibility and control over their sensitive data. Smartcrypt’s automated data protection workflow makes it possible for companies to detect and classify sensitive information and keep it protected across the entire organization.
Smartcrypt's approach to data-centric security was a big hit at RSA and sparked lots of interesting conversations about the problems companies are trying to solve today and the challenges they need to prepare for tomorrow. If your organization is ready to take the next step in data protection, contact one of our security experts to learn more!