Sensitive Data Management Maturity – The DLP Missing Link

At the 2016 RSA Conference in San Francisco, CA, Todd Feinman, CEO and Gabriel Gumbs, VP of Product Strategy presented on Sensitive Data Management Maturity – The DLP Missing Link.
As a company and with the help of industry professionals, we created a Sensitive Data Maturity Model to help organizations identify where their data is, who owns it, what should be done with it, and how much of it exists.

Many organizations have massive amounts of data that resides in multiple locations, making it hard to control where that data is, what is classified as sensitive data, and what permissions to allow for specific data types. With automated persistent classification, you are identifying within the metadata what is confidential, sensitive, or public, and are able to implement the proper processes and technology to block the sensitive data from leaving your organization.

“It’s not just about technology, it’s about the whole process and technology. The people aspect of this is absolutely critical.” – Todd Feinman, CEO Identity Finder

We looked at many different maturity models ISO/IEC 15504, COBIT, Cybersecurity Capability Maturity Model (C2M2), ISO/IEC 21827:2008, and could not find a model that addressed managing sensitive data. So, we decided to make our own and share it with the security industry.

The Sensitive Data Maturity Model empowers those who adapt it to build forward looking data security initiatives and track their efficacy. Made up of four business functions, three security practices within each business function, and four maturity levels, the Sensitive Data Maturity Model is designed to fill that gap in existing available resources. Allowing you to benchmark your maturity with other organizations while providing management with a self-assessment tool for data security process capability in comparison to business requirements, and as a tool for gap analysis and improvement planning.

Want to take a deeper dive into the Maturity Model? Please view the presentation from the 2016 RSA Conference, here.

 

Related Blog Posts

Blog Post
How to minimize risk after the Blackbaud data breach
Blog Post
Spirion recognized as Best SecOps and Best Compliance Solutions in 2020 Tech Ascension Awards
Blog Post
Iliana Peters, Discusses HIPAA: The Pandemic, Common Misconceptions, and Mobile Data
Blog Post
Sergeant First Class (SFC) Brittany Conley, on the Privacy Please podcast discussing virality of social posts and military security
Blog Post
Why scalability is crucial to reducing your sensitive data exposure
Blog Post
Why you need to know where your sensitive data is and how to protect it