Data security is considered as one of the most essential aspects of any organization. In this present IT age, everyone is and should be concerned about the security of their data. The cost of a breach could be deadly to an organization. “The average cost of a data breach in 2019 is $3.92 million using the IBM security databreachcalculator. The health care industry is the most costly industry with an estimated $150 per record.”
We discussed data privacy a while back…it is somewhat intertwined with data security. While data privacy protects your data from unauthorized access, data security handles the rules set by data privacy; an example is the GDPR. Most companies have implemented GDPR from development teams to support.
People might say they had enough time to fix the issue but we must understand that SDLC planning is sometimes not that straight forward even in an agile setting with never-ending tech debts, one can see reason on how this slipped through the crack. So what should organizations do going forward? Or have people in the case of FaceApp willingly given out their data? One might argue that our data is been collected every second, yes! The concerns now are how is it been used? Who is really collecting it?.
This brings us to one of the major problems of big data… security! It is difficult for organizations to ensure secure access, authentication or catch-all systems flaws. How then can your company handle this? CI Security is one of the top security solutions, according to Gartner’s 2019 Market Guide for managed detection and response services and based on the yahoo news report “CI Security’s managed detection and response solution catches intrusions in minutes“. There is also IBM QRadar Security Intelligence Platform and last but not least is Splunk Enterprise Security. All of these solutions are top-notch, it all depends on what your organization is looking to address.
The shortage of cybersecurity skills has not helped matters. Not to mention cybersecurity is a hot skill to have. Looking to change job role, security is an interesting one. It cuts across different areas, there is this assumption people have that security == network that will not always evaluate as true. There are different security certification(s) available for a network engineer to an IT architect even to a software developer. Take a look to find a good fit.
PS: What is your take on calls for tech companies to give access to encrypted messages…privacy or security concerns? Or both?