Data Platform Teams should prepare for increased scrutiny from their CISOs, who are becoming concerned about the lack of visibility into how entitlements are used. The recent data breaches of Snowflake instances at Ticketmaster and Santander show how vulnerable organisations are to data breaches through credential theft. In a previous post we described how credential theft is the preferred vector of attack for hackers, so I won’t dwell on this any further.
However, it’s clear from the Gartner Security and Risk Management Summit 2024 that these vulnerabilities are making CISOs very uneasy, and that they’re looking to take action to remediate these risks. Here are my top 3 cybersecurity predictions from the Summit, and how I think they will affect Data Platform Teams:
It’s no surprise that this is a big concern following the surge in data breaches of web applications through stolen credentials in the past year. As permissions are managed by the data teams, I expect that the Data Platform Teams will have to work closely with the CISO to detect and respond to identity breaches.
CISOs want to forgo standalone security solutions and are looking for a more holistic approach that integrates identity with access. As a result, Data Platform Teams will have to correlate identity data from Active Directory with access and usage data from the cloud data providers for informed data security management. This way they can answer questions such as ‘Who has access to what?’ and ‘How do they use the data?’
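The correlation described above can be sketched as a join over three exports: directory identities, platform grants and usage records. This is an added example, not code from the original post or from any vendor; the field names, status labels, the 90-day threshold and all sample records are constructed assumptions.

```python
from datetime import date

# Constructed sample data (not from any real tenant); field names are assumptions.
DIRECTORY = {  # identity source, e.g. an Active Directory export
    "alice": {"enabled": True, "department": "Finance"},
    "bob": {"enabled": False, "department": "Marketing"},
    "carol": {"enabled": True, "department": "Data Science"},
}
GRANTS = [  # (user, data object, privilege) exported from the data platform
    ("alice", "FINANCE.PAYMENTS", "SELECT"),
    ("bob", "CRM.CUSTOMERS", "SELECT"),
    ("carol", "CRM.CUSTOMERS", "SELECT"),
    ("carol", "FINANCE.PAYMENTS", "SELECT"),
    ("dave", "CRM.CUSTOMERS", "SELECT"),
]
USAGE = [  # (user, data object, access date) from the platform's query logs
    ("alice", "FINANCE.PAYMENTS", date(2024, 6, 3)),
    ("carol", "CRM.CUSTOMERS", date(2024, 1, 10)),
    ("bob", "CRM.CUSTOMERS", date(2024, 6, 1)),
]

def review_entitlements(directory, grants, usage, today, stale_days=90):
    """Join identity, access and usage data; return one finding per grant."""
    last_used = {}
    for user, obj, day in usage:
        key = (user, obj)
        last_used[key] = max(day, last_used.get(key, day))
    findings = []
    for user, obj, privilege in grants:
        identity = directory.get(user)
        used = last_used.get((user, obj))
        if identity is None:
            status = "orphaned"            # grant with no directory identity
        elif not identity["enabled"]:
            status = "disabled-identity"   # account disabled, grant still live
        elif used is None:
            status = "never-used"          # candidate for revocation
        elif (today - used).days > stale_days:
            status = "stale"
        else:
            status = "in-use"
        findings.append({"user": user, "object": obj, "privilege": privilege,
                         "last_used": used, "status": status})
    return findings

if __name__ == "__main__":
    for f in review_entitlements(DIRECTORY, GRANTS, USAGE, today=date(2024, 6, 10)):
        print(f"{f['user']:6} {f['object']:18} {f['last_used']} {f['status']}")
```

A `disabled-identity` finding that still carries a recent `last_used` date is worth reviewing first, since it means a platform credential kept working after the directory account was turned off.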
The volume of cloud data is growing beyond the security teams’ bandwidth to manage it by themselves, and the CISO will look for ways to federate some of the responsibilities to the business.
For Data Platform Teams this means that they will have to provide a platform that enables data product owners and data governance to take ownership of data access and data security controls.
Cloud data providers are becoming increasingly popular, and hackers have noticed too. A record number of organisations are moving large amounts of sensitive data to cloud data providers such as Snowflake, Databricks and BigQuery, and to data lakes such as AWS S3 and Microsoft ADLS. As these providers become household names, we can expect more hackers to come after them. With attacks mounting and stricter security regulations and standards such as the NIS 2 Directive and NIST CSF 2 on the horizon, CISOs will expect Data Platform Teams to improve the data security of their Cloud Data Platforms.
The resulting requirements will be far-reaching and will put a heavy burden on the Data Platform Teams, who will have to balance this work with other priorities using limited resources. Without help, this will set them back months, diverting focus from other strategic topics such as AI/ML, self-service analytics, and cost optimization. There is also a significant risk that poorly designed data security workflows will result in a loss of competitiveness because of their impact on the productivity of data & AI workers. This will particularly be the case for analytical data and data for AI/ML, which are typically stored in data warehouses, data lakes, and/or data lakehouses.
Book some time with me to learn how Raito can help you implement data security measures without disrupting your data platform.