{"id":114030,"date":"2022-05-18T09:00:00","date_gmt":"2022-05-18T16:00:00","guid":{"rendered":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/?p=114030"},"modified":"2023-09-18T08:57:53","modified_gmt":"2023-09-18T15:57:53","slug":"so-you-want-to-be-a-ciso-what-you-should-know-about-data-protection","status":"publish","type":"post","link":"https:\/\/www.microsoft.com\/en-us\/security\/blog\/2022\/05\/18\/so-you-want-to-be-a-ciso-what-you-should-know-about-data-protection\/","title":{"rendered":"So you want to be a CISO: What you should know about data protection"},"content":{"rendered":"\n

<p>Data is the lifeblood of any organization. Whether you\u2019re a Chief Information Security Officer (CISO) or aspiring to become one, protecting sensitive business data will be your main priority. But the job isn\u2019t getting any easier. In 2021, the number of data breaches climbed 68 percent to 1,862, costing an average of USD4.24 million each.<sup>1<\/sup> The damage from a breach touches everyone, causing diminished brand equity and consumer trust, decreased shareholder confidence, failed audits, and increased scrutiny from regulatory agencies.<\/p>\n\n\n\n

<p>It\u2019s easy to become so preoccupied with protecting against the next ransomware attack that you overlook risks within your own organization. Insider leaks of sensitive data, intellectual property (IP) theft, fraud, regulatory violations\u2014any of these can crash a company (and your career) as quickly as a headline-grabbing breach. Given the breadth of today\u2019s digital estate\u2014on-premises, in the cloud, and at the edge\u2014Microsoft Purview provides the inside-out, integrated approach that an effective CISO needs to reduce the risk of internal and external data breaches before they occur. Here are some things to consider, both when prioritizing for yourself and talking to your board of directors.<\/p>\n\n\n


<h2>Mind your own house\u2014insider threats<\/h2>\n\n\n\n

<p>As the \u201cGreat Resignation\u201d or \u201cGreat Reshuffle\u201d rolls on, organizations worldwide are dealing with large numbers of people heading for the exits\u2014and climbing aboard. Results from Microsoft\u2019s most recent Work Trend Index indicate that 43 percent of employees are likely to consider changing jobs in the year ahead. This massive shift in employment status has been accompanied by the \u201cGreat Exfiltration.\u201d Many of those transitioning employees will, intentionally or not, be leaving with sensitive data stored on personal devices or accessed through a third-party cloud. During 2021, 15 percent of workers uploaded more corporate data to personal cloud apps as compared to 2020. What\u2019s more alarming, 2021 also saw 8 percent of exiting employees upload more than 100 times their usual data volume.<sup>2<\/sup><\/p>\n\n\n\n

<p>As a CISO, you\u2019re responsible for data spread across multiple platforms, devices, and workloads. You\u2019ll need to consider how that technology interacts with your organization\u2019s business processes. That includes having policies in place to prevent data exfiltration, especially if you work in a regulated industry, such as finance or healthcare. It starts with asking: Who can access the data? Where should the data reside (or not reside)? How can the data be used? How do we prevent oversharing? A modern data loss prevention (DLP) solution\u2014cloud-native and comprehensive\u2014enables you to centrally manage all your DLP policies across cloud services, devices, and on-premises file shares. Even better, this type of unified DLP solution requires no additional infrastructure or agents, helping to keep costs down. Even in a time of great change, today\u2019s workplace requires that people remain free to create, manage, and share data across platforms and services. However, the organizations they work for are often constrained by limited resources and strict privacy standards when seeking to mitigate user risks. For that reason, you\u2019ll need tools that can analyze insider threats and provide integrated detection and investigation capabilities. The best solution for insider threats will be:<\/p>\n\n\n\n