As Cybersecurity Awareness Month highlights the growing challenges in digital safety, Rajnish Gupta, Country Manager of Tenable India, delves into the evolving complexities of cloud security. With AI and multi-cloud environments reshaping data dynamics, Gupta underscores the pressing need for robust Data Security Posture Management (DSPM) and AI Security Posture Management (AI-SPM) to mitigate new-age risks. In this interview, he outlines key strategies for securing the cloud, including zero trust frameworks and DSPM integration, shedding light on why now, more than ever, organizations must prioritize vigilant data management and risk assessments.
Onkar: Why is it becoming so difficult for organisations to keep track of and secure data in the cloud?
Rajnish: The cloud has become the backbone of modern businesses, offering flexibility, scalability, and vast storage capabilities that have driven an unprecedented data boom. At the same time, AI is harnessing this data for a wide range of business applications, fueling a new wave of technological innovation. However, this rapid growth highlights a critical gap: the need for stronger security measures to protect the data stored in the cloud and the AI systems that rely on it.
Organisations don't know where all their data and applications live, or what assets are in their inventory, especially in a multi- or hybrid-cloud environment. These blind spots make it harder to keep track of data. Since data and apps are hosted on third-party infrastructure, organisations have less control over how data is accessed and shared.
Onkar: What is data security posture management and why should organisations pay attention to it this Cybersecurity Awareness Month?
Rajnish: Data Security Posture Management (DSPM) is a cybersecurity technology built to protect an organisation's data from unauthorised access, disclosure, alteration, or destruction. DSPM tools identify sensitive data stored across an organisation's cloud environment, including IaaS, databases, SaaS applications, cloud file storage and others. With the explosion of data being generated and stored in the cloud, hackers are creating new and innovative attack techniques to gain access to cloud environments and steal data. This is why organisations need to rethink their approach to data security this Cybersecurity Awareness Month.
Onkar: What exactly is AI-SPM, and how can organisations improve cyber defence with it?
Rajnish: AI Security Posture Management (AI-SPM) focuses on securing AI and machine learning (ML) systems by identifying vulnerabilities, misconfigurations, and risks associated with AI adoption. It continuously monitors the security posture of AI models, data, and infrastructure. As AI usage has surged in recent years, the need for AI-SPM has grown due to the security risks posed by AI services and packages. Without AI-SPM, organisations cannot track which AI models are in use or detect shadow AI, leading to blind spots where misconfigured public access, exposed keys, or unencrypted data can result in the theft of AI models. Additionally, using sensitive data to train AI models can unintentionally expose personally identifiable information (PII).
Standalone solutions such as data security posture management (DSPM) and AI security posture management (AI-SPM) can shine a spotlight on data and AI resources. However, without proper integration into broader cloud security tools, it's a real challenge to contextualise and prioritise security findings properly to mitigate the risk in time using the limited resources cyber security teams have.
When DSPM and AI-SPM tools are integrated with cloud-native application protection platforms (CNAPP), they provide a more robust solution. This approach offers deep visibility into data across multi-cloud environments, identifying where sensitive data resides, classifying it by severity levels, and categorising it as proprietary information or personally identifiable information (PII). These tools not only detect suspicious data-related activity before it escalates into a breach but also allow organisations to manage access to sensitive data, revoking permissions where necessary.
Onkar: What is the most effective way to protect data in the cloud?
Rajnish: Adopt a "zero trust" security framework that requires all users, whether inside or outside the organisation, to be authenticated, authorised, and continuously validated before accessing data. This framework should enforce time-limited access and follow the principle of least privilege, ensuring users access only the minimum data necessary to perform their roles.
Implement a cloud DSPM solution to support this framework with continuous monitoring, automation, prioritisation, and enhanced visibility. DSPM solutions help organisations identify and prioritise data security risks by severity, enabling focused resource allocation on the most critical issues.
Conduct regular risk assessments to identify and address security risks before they can be exploited. This approach helps prevent data breaches and mitigates the impact of security incidents.
Finally, train employees on security best practices, such as creating strong passwords, identifying risks, and reporting suspicious activity, to strengthen organisational security awareness and response.
Onkar: What aspects of cloud security need more awareness building and why?
Rajnish: Managing risks from third parties (such as partners, service providers, and vendors) has always been essential, and it becomes even more critical when these trusted organisations have access to your cloud environment and data. Ensure that your third parties implement robust cloud security measures to protect both their access to your data and your broader cloud environment.
Secure all identities. This year has shown how easily major data breaches can stem from basic oversights, like failing to protect highly privileged admin accounts with multi-factor authentication (MFA).
Adopt best practices to prevent ransomware attacks and to mitigate their impact if they occur. Ransomware groups understand that taking control of systems and threatening to expose sensitive data can compel victims to pay, making proactive protection crucial.