Adapt or die: Why cybersecurity companies must become data companies to survive

Data has become the world’s most valuable commodity. The more your business understands data and how it is utilized, the more powerful that data can be to guide effective decision-making. Threat actors are aware of the value of data too, and have mastered techniques to steal that data through malware, ransomware, phishing attacks, social engineering practices and more. Cybersecurity companies must continually adapt.

Defending the enterprise infrastructure is becoming increasingly difficult in the age of digital business. With the rise of digital transformation, attack surfaces expand and threats continue to grow. This makes it critical for organizations to ensure that their most valuable asset — their data — is secured. The number of cyberattacks and data breaches keeps growing year over year, and regulators around the world are requiring organizations to prioritize the security of critical business functions.

Data is gold — and for businesses to gain a hold on their attack surface and secure their valuable data, it is critical that they understand the relationships and dependencies that make up their digital estate. Gaining an understanding of that digital estate is what will set companies apart, ensuring that businesses are prepared to protect their most valuable commodity.

The cost of a data breach and why the old ways of protection are no longer enough

Through major supply chain and ransomware attacks, criminals are looking for valuable data in many places. Personally identifiable information (PII), financials and other sensitive data are all prime targets for attackers who see it as gold. In critical sectors such as healthcare and finance, protecting data becomes even more critical. In fact, a 2022 report reveals that 80% of financial institutions have suffered at least one data breach in the last 12 months. Data breaches don’t only threaten consumers’ privacy. They can also cause severe reputational and financial damage to businesses.

For example, last year, a hacker breached T-Mobile’s servers and stole 106GB of data containing the social security numbers, names, addresses and driver’s license information of more than 100 million people. This incident cost T-Mobile $350 million and put the company’s reputation at stake. Marriott International was the victim of several breaches after an M&A deal that exposed millions of customers’ personal data. The company later received a substantial fine of £18.4 million for violating the EU’s General Data Protection Regulation (GDPR).

From major hotel groups and retailers to small businesses, the cost of a data breach extends far beyond loss of intellectual property. Incidents like these prove that companies need to do their due diligence, especially when going through an M&A transaction, and make sure they have a system in place to protect their most valuable assets, people and data. Major breaches of the past few years have shown us that the old ways of protection are not working. They are no longer enough.

A data-first approach to cybersecurity

With the adoption of hybrid and full-remote work, accelerated digital transformation and a reliance on cloud services have made it difficult for companies to maintain security policies at scale. As they adjust to these new realities, organizations must focus on setting systems in place that help them gain an understanding of the assets on their network, and how those assets are communicating with one another.

Data in motion is particularly vulnerable without effective management protections in place, and without full visibility into applications within the IT architecture.

Dynamic visibility is key to preventing data breaches and other sophisticated cyberattacks. Companies must take proactive steps to reduce their attack surface and the blast radius of an attack. This requires addressing the inherent vulnerability of data — at rest, in motion and across application transformations.

With the quick move to multicloud and edge IT infrastructures, companies are now facing significant gaps in visibility. Poor visibility of devices that access your applications makes it difficult for security teams to understand their attack surface and data sprawl, and the threats they are exposed to. CISOs need to be prepared to invest in architecture and technology that enables an inside-out approach.

Protecting your digital estate

In today’s threat landscape, it is critical that businesses of all sizes have security frameworks in place to bolster their cyber resilience. Technologies such as artificial intelligence (AI) and machine learning (ML) can enhance modern cloud architecture and offer new agility and predictive capabilities to data security. This is proving particularly useful in helping IT teams automate and effectively predict, detect and mitigate cyberattacks.

Other technologies, including Cybersecurity Asset Attack Surface Management (CAASM) tools, can analyze and provide full visibility into an organization’s complex internal attack surface. By using these solutions while moving data and assets to the cloud, companies can ensure their data is safe while it’s in motion. Unlike legacy approaches, CAASM solutions map the relationships between business functions, applications, middleware services, infrastructure and users, enabling security teams to understand the true business impact of a compromise.

Cybersecurity is an ever-changing field — each day, data security threats are more sophisticated, demonstrating that security companies must become data companies to stay in business, or survive. The next generation of cybersecurity companies must provide an understanding of data and its relationships and interdependencies to keep ahead of today’s modern threats.

Marc Woolward is CTO and CISO of vArmour.