How data detection and response are becoming cloud security essentials
At a fundamental level, cloud security is data security. Yet, many organizations are struggling to identify and protect the data they’ve stored in the cloud. In fact, research shows that while 80% of organizations store sensitive data in the cloud, 53% experienced a cyberattack on their cloud infrastructure within the last 12 months.
With so many complex threats online, today’s organizations need to be able to detect and respond to cloud breaches in a matter of minutes if they want to protect their mission-critical data. One way to do this is with real-time data detection and response.
That’s why cloud data security leader Dig Security, is using cloud data detection and response (DDR) to address cloud-based threats in real-time.
The reality of modern cloud security
One of the main reasons why cloud detection and response is becoming more important for enterprises is the cloud skills gap.
An (ISC)² report shows that while 39% of organizations have more than half of their workloads in the cloud, 93% are moderate to extremely concerned about the massive skills shortage of qualified cybersecurity professionals.
The problem is that few organizations have the internal expertise to not only identify the data that’s stored across the cloud or where data lives within the environment but to protect it from increasingly complex threat actors.
The number and variety of data assets in the cloud are exploding, being driven by multicloud environments, microservices, and massive increases in remote work. Today there is more data in public clouds than on-premises, and data represents more than 40% of cloud resources,” Dan Benjamin, CEO and cofounder of Dig Security.
that a skilled attacker can execute a data breach in the cloud in as little as 3 minutes, which means security teams need to be able to respond rapidly to threats to minimize the impact of security incidents.
Where DDR comes in
Dig’s solution aims to give security teams the ability to respond to these threats by using a threat model to detect and respond to threats at the data level, as part of an approach that combines data security posture management (DSPM), data loss prevention (DLP), and DDR capabilities within a single solution.
This approach also helps to address some of the other unique challenges that come with maintaining cloud security.
There are also several other factors that make securing cloud data difficult. For example, each datastore has a unique set of administrative actions that could lead to a misconfiguration or a vulnerability. There is also inconsistent policy expression across datastores.” Dan Benjamin, CEO and cofounder of Dig Security.
Dig’s platform provides a framework to define policies no matter where data resides so that security teams can define and enforce security policies consistently across data stores.
A look at the CSPM market
Dig’s solution falls within the cloud security posture management (CSPM) market, which researchers valued at $4.2 billion in 2022 and expect to reach a value of $8.6 billion by 2027, as more organizations look for solutions that can help them mitigate cloud-based threats.
The organization is competing against a few high-profile competitors including AWS Macie, a managed data discovery and protection solution that uses machine learning to identify sensitive data and PII. AWS recently raised $19.74 billion in revenue in the second quarter of this year.
Another competitor is Google Cloud Data Loss Prevention, which can discover and classify sensitive data stored in cloud storage, managed through the Google Cloud Console UI. Google Cloud recently announced raising $5.5 billion in revenue in Q4 of last year.
the main difference between Dig’s solution and other competitors is that the service “goes beyond DSPM,” which only identifies static risks to cloud data, and instead offers real-time data detection and response capabilities.