Blurring the lines between data management and cybersecurity – no longer separate priorities for the modern enterprise
29 Mar 2023
In the past, data management and cybersecurity would fall under separate domains, but with more organisations making the shift to the cloud, data management and data protection have merged, essentially blurring the lines between the two.
While data management focuses on processes that include a combination of different functions that are aimed at ensuring data in corporate systems is accurate, available and accessible; cybersecurity deals with protecting digital information from unauthorised access, corruption or cyberattacks.
However, considering that data is the lifeblood of any modern enterprise, it makes sense that data management has become a key part of cybersecurity. An organisation’s cybersecurity strategy is only as good as its backup, so if an organisation’s entire production environment is secure but its backup is not, its data will remain vulnerable.
In essence, cybersecurity measures must be in place on an organisation’s backup system to ensure that it is as safe as the production environment. By achieving this, the lines between cybersecurity and data management start to blur.
Not adding real value
Conversely, there would be little point to having backup systems if an enterprise’s production environment is not secure, meaning that data management would ultimately not add much value to a business without adequate cybersecurity measures in place.
Thus, organisations need to ensure that they prioritise data management and data security equally, as a vulnerable backup system – one that does not have cybersecurity measures in place and is not aligned with the organisation’s security strategy -could ultimately become the weak link in the IT ecosystem.
For example, modern enterprises require a strategic, first-world, as-a-service authentication model, it means that their backup solutions also need similar security systems for authentication. This is because all IT solutions need to adhere to an enterprise’s cybersecurity strategy, otherwise they become the vulnerability in that organisation’s business planning.
Data breaches could have varying effects on different companies, depending on the type of data they own and the type of data that is compromised. In the worst-case scenario, an organisation could suffer legal consequences as a result of a data breach, which could effectively put it out of business.
Do the proper due diligence
It is thus crucial for organisations to ensure that they perform the best possible due diligence to prevent cyber threats by putting the best cybersecurity strategy in place. The pace at which cyber threats evolve – in both frequency and sophistication – means that a breach will likely occur sooner or later. However, an organisation can avoid legal liability if it can demonstrate that it had taken all reasonable measures to prevent one.
Aside from legal issues, reputational damage is another consequence that could result from a data breach. According to a Security Compass whitepaper, titled Why Cybersecurity is Important for Your Brand Reputation, trust is critical to building a successful business. Drawing on various sources, the whitepaper states that people were over six times more
likely to pay a premium for a product and had higher brand loyalty for highly trusted brands. Additionally, it states that 52% of consumers would consider paying more for the same products or services from a provider with better data security.
Thus, it is critical that data management and cybersecurity go hand-in-hand and organisations must ensure that consistent security becomes their standard. The goal of a security strategy is not to eliminate all risk – as this is all but impossible – but to reduce risk to a level that is congruent with the risk appetite of the organisation.