Page 80 - SAMENA Trends - July-August 2023
P. 80

ARTICLE  SAMENA TRENDS

        Follow the Data                        resiliency  level  based  not  only  on   needs and business conditions. Moreover,
        What  would be  the  beacon  guiding   the  outcome  but also  on a  basket  of   we can not only share information but also
        cybersecurity as  we traverse  a  sea  of   continuously evolving drivers covering   proactive defense mechanisms as part of a
        technology advances  and trends  where   different  aspects  from  business  larger defense ecosystem.
        we  struggle  not  to  run aground,  as  every   processes  to  technology  to  the  eco-
        tussle with the challenge of extracting the   system (environmental), with weightage   Last  but most importantly, Data Security
        maximum value  from a  complete  end-to-  that  can  be  tweaked  instantly  for a   Governance  should  be  platform-
        end  digital  transformation?   The  answer   different  perspective  of the  trust  and   independent  and  discourage  platform
        is  very simple,  actually. We  just  need  to   resiliency  outcome.  This  falls  short   lock-in.  As a basic component, it enables
        “follow the data”.                     of   achieving   formal   specifications   architecture  to be  built  using  any  kind  of
                                               requirements   but   is   sufficient   to   platform, whether  hardware  or  software.
        This analogy can be likened to the message   establish  authority, management,  and   This  approach promotes interoperability,
        behind  "When  the  seagull  follows  the   decision-making parameters for the CISO   information sharing, and  the  proliferation
        trawler,"  where  seagulls  benefited  from   to present  to the  rest  of the  executive   of a cyber incident response platform with
        following fishermen, just as we can benefit   management team and/or the board.  varying  functionalities  based  on  access
        from prioritizing  data  in  our approach to                             rights  or capabilities.  This,  in  turn, helps
        cybersecurity. Supply  chain  importance   Evolution  to Organizations  with the   build  communities  with  minimum efforts,
        in  assurance  and  resiliency  has  become   Capability  of Building  Data Security   managing some of the snags and tangles
        evident  in  recent  years,  and  finding  a   Governance:  Key to Success  in the New   that  data  governance  faces, such as
        common    point  where  cybersecurity  Digital Realm – The Case for Data Security   national  security issues  (especially  those
        requirements  and  solutions  converge,   Governance                     related to security intelligence sharing), data
        irrespective of industry trends  and   Firstly, just like XML brought simplicity over   laws,  and  legislation  issues  (particularly
        technical  challenges,  is  crucial. With  data   HTML, the  advantages  of Data  Security   cross-border  roadblocks)  and  concerns
        being compared to the new oil, "follow the   Governance  go beyond automation; it   regarding  corporations  and  nations  that
        data" becomes the  natural  quintessential   enhances  clarity  and  comprehensibility   may be both friends (if they belong to the
        common  success  factor in  achieving   even  for beginners. Moreover, it  doesn't   same  international  grouping  or working
        common  goals  in  protecting  assets  and   replace  human  involvement;  rather,  it   group) and  enemies  (i.e., competitors in
        lives.                               makes  humans  an  integral  part  of the   the same space). Information is power, and
                                             process as the system continues to learn,   the  first  to  access  “structured”  data  (not
        Data Security Governance             adapt, and organically expand. Its flexibility   just any information!) will always have an
        In  modern   governance,  risk,  and  allows  for abstraction  building,  leveraging   advantage over others and win the race.
        governance  (GRC)  practice,  the  main   data  security governance  across  various
        output is  the  outcome and  value derived   applications and scenarios, such as AI or   To sum up, the next phase of evolution is
        from considering various factors driven   Blockchain, for example.       centered  on reevaluating  Data  Security
        by   risk  assessment,  accountability,                                  Governance.  It  is  not  merely  a  subset  of
        legality, ethicality, and cost. It already has   Secondly,  Data  Security  Governance  data  governance; rather, it  could  be  the
        most  of  the  critical  success  factors for   should be recognized as a multidisciplinary   nucleus defining the DNA of cybersecurity
        GRC  to  become  a  common  language  for   capability. By  leveraging  on data security   as  we  evolve  the  role  of the  CISO  and
        communication among all  the  different   governance,  we  can  expand  the  scope   bring  cybersecurity  to the  boardroom as
        stakeholders of the business. However, it is   of cybersecurity and  establish  it  as  a   a prominent  topic. While  we still  need
        lacking some major components:       key discipline  that  all  management  must   to strengthen  our  fundamentals,  the
        •   A life-cycle process with a maturity model   understand.  Given  the  ease  of use  and   future  undoubtedly  lies  in  Data  Security
          enabling  traceability, facilitating  the   self-describing  nature  of  Data  Security   Governance.  We  must  pivot  and  focus
          creation of a comprehensive, multilevel,   Governance,  as  it  is  now  positioned  as   our  efforts  on building  Data Security
          and  multidimensional  supply  chain   the  core nucleus  in  a cybersecurity DNA   Governance  and  adopting  the  “follow  the
          security system capable of tracking any   that  should  be  baked  into the  very fabric   data” model as an abstraction to address
          data's stage.                      of any business,  and  that  it  will  naturally   any new technology that  comes our  way,
        •   An  outcome that  is  grounded  not  only   embed  itself  into any  business  process,   whether it be cloud or AI. We do not need to
          in  the  business  context  but, more   functioning like a utility model.   reinvent the wheel, but our wheels can vary
          importantly,  in  business  success,                                   in size and thickness, with different rims to
          that  can be broken  down into further   Thirdly, Data Security Governance will play   serve different driving purposes (family car
          subcomponents addressing an adaptive   a pivotal role in building proactive defense   vs. F1  car) for various applications.  Data
          cybersecurity needs  for building  trust,   capabilities, serving as an important piece   Security Governance serves as the elixir of
          ensuring data protection and data privacy,   in the puzzle of our approach during GISEC   life for the next generation of cybersecurity,
          providing safety, reliability and resiliency   2023, where we propose “attack is the best   and we are proud to spearhead this piece of
          in the midst of an open, transparent and   defense”. With  Data  Security Governance,   work here in the UAE and the Middle East,
          collaborative digital ecosystem.   we can develop a proactive defense shield   for the world!
        •   As  such, it  is  imperative  to develop   system, allowing different levels of defense
          a  continuous,  quantifiable  trust  and   in various parts of our business based on
                                                                                                  80  JULY-AUGUST 2023
   75   76   77   78   79   80   81   82   83   84   85