Many organizations spin their wheels when it comes to cybersecurity, says IBM's Andy Land. They invest in tools that do everything except what security leaders are fundamentally tasked with doing: Protect the data.
Part of problem: Lack of a common definition of "data security."
"Some folks might say that's just encrypting the data," says Land, Program Director, Product Marketing- Security Systems, at IBM Security. "Others might say that's monitoring of data; some might say it's monitoring of users who use the data. And that's all of it - you have to have all of those things" and more.
In Land's view, data security is a journey that, for most organizations, begins with compliance - what do you have to do? And then it continues through data mapping, masking, encryption and other security methods, as appropriate.
The challenge for security leaders who want to embark on this journey: "They need to go beyond the compliance regimen and really look at other parts of the data environment to understand their gaps," Land says. "A checklist may not show them those gaps."
In an interview about improving data protection, Land discusses:
- His definition of "data security;"
- Why big data often leads to big headaches;
- How to measure data security success.
Land is a security technology executive who runs worldwide product marketing for the People, Application, Data and Cloud Security segments at IBM Security. He has a successful background in leading marketing, product marketing/management and strategy teams at start-ups and large enterprises. Prior to IBM, Land spent seven years growing two start-ups and thee years at Sun Microsystems. He regularly speaks on trends in identity management, privacy and security.
Visit ibm.com/guardium to learn more