DSPM can answer how many records are contained in a database and, paired with cyber risk quantification, can help you estimate the financial exposure you would face if they were all compromised. It will tell you which data is “restricted” or “confidential,” and which records are subject to additional regulation. Finally, you can use it to understand how many users or roles can access the database, and it can help you apply a more restricted role, add security monitoring or alerting, and add human touchpoints to autonomous workflows.
If this seems too basic, you may already be in a highly mature or regulated environment. But elsewhere, and especially down market, there are plenty of edge cases and gray areas that this kind of analysis helps inform. Crucially, it helps us move from binary labels and all-or-nothing decisions to quantified, accepted and mitigated risk.
Scaling the approach to bigger decisions
Let’s take this up a level, and this time, consider your entire security architecture. You have 15 “restricted” repositories. A critical remote code execution vulnerability is disclosed, which affects eight of them, and your team moves into incident response mode. Which ones do you prioritize for patching with IT operations and forensic analysis? Pick the one with the most sensitive records (weighed against compensating controls), and thus, the most value at risk. You don’t need a six-figure platform to make that call, but you do need to have done the work of understanding where your most sensitive data sits.
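The prioritization described above can be sketched in a few lines. This is an added example, not code from the original article: the per-record costs, the control reduction factors and the repository inventory are all constructed assumptions, and multiplying control reductions together is one simple way to weigh them, not a standard.

```python
from dataclasses import dataclass

# Assumed cost per compromised record, by classification (illustrative only).
COST_PER_RECORD = {"restricted": 180.0, "confidential": 60.0, "internal": 5.0}
# Assumed share of exposure each compensating control removes (illustrative only).
CONTROL_REDUCTION = {"network_isolated": 0.50, "encrypted_at_rest": 0.20, "monitored": 0.10}

@dataclass
class Repo:
    name: str
    records: dict            # classification -> record count, as a DSPM scan would report
    roles_with_access: int   # how many users or roles can reach the data
    controls: tuple = ()     # compensating controls already in place
    affected: bool = False   # exposed to the vulnerability being triaged

def gross_exposure(repo):
    """Financial exposure if every record in the repository were compromised."""
    return sum(COST_PER_RECORD[cls] * count for cls, count in repo.records.items())

def value_at_risk(repo):
    """Gross exposure weighed against compensating controls."""
    residual = 1.0
    for control in repo.controls:
        residual *= 1.0 - CONTROL_REDUCTION[control]
    return gross_exposure(repo) * residual

def patch_order(inventory):
    """Affected repositories, highest value at risk first; ties go to broader access."""
    hit = [r for r in inventory if r.affected]
    return sorted(hit, key=lambda r: (-value_at_risk(r), -r.roles_with_access))

# Constructed inventory: four of the "restricted" repositories, three of them affected.
INVENTORY = [
    Repo("billing-db", {"restricted": 40_000, "confidential": 10_000}, 12,
         ("encrypted_at_rest",), True),
    Repo("hr-archive", {"restricted": 55_000}, 4, ("network_isolated", "monitored"), True),
    Repo("crm-replica", {"confidential": 90_000, "internal": 200_000}, 30, (), True),
    Repo("analytics-lake", {"restricted": 70_000}, 8, ("monitored",), False),
]

if __name__ == "__main__":
    for r in patch_order(INVENTORY):
        print(f"{r.name:15} gross=${gross_exposure(r):>12,.0f}  "
              f"at-risk=${value_at_risk(r):>12,.0f}  roles={r.roles_with_access}")
```

With these constructed numbers, hr-archive has the largest gross exposure but drops to last once its controls are counted, while the uncontrolled crm-replica moves to the front of the patch queue.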



