Info

Business Security Weekly (Audio)

About bridging the gap between security initiatives and business objectives. Hosted by Matt Alderman, co-hosted by Jason Albuquerque, Ben Carr.
RSS Feed Subscribe in Apple Podcasts
Business Security Weekly (Audio)
2025
March
February
January


2024
December
November
October
September
August
July
June
May
April
March
February
January


2023
December
November
October
September
August
July
June
May
April
March
February
January


2022
December
November
October
September
August
July
May
April
March
February
January


2021
December
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July


Categories

All Episodes
Archives
Categories
Now displaying: Page 1
Feb 19, 2025

Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification.

In part 1, we discuss the challenges of data inventory and classification, including:

  • identifying all data sources within an organization, including databases, applications, cloud storage, physical files, etc., and documenting details like data type, location, and volume
  • categorizing all data based on its sensitivity level, usually using classifications like "public," "internal," "confidential," or "restricted," which determines the necessary security measures to protect it
  • prioritizing security measures and protecting critical information more effectively

Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification.

In part 2, we discuss the steps involved in data inventory and classification, including:

  • Data discovery: Identify all data sources across the organization using data mapping tools.
  • Data profiling: Analyze data attributes to understand its content and characteristics.
  • Data classification: Assign appropriate sensitivity levels to each data set based on predefined criteria.
  • Data tagging: Label data assets with their classification level for easy identification.
  • Data ownership assignment: Determine who is responsible for managing each data set.

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-383

0 Comments
Adding comments is not available at this time.