For Security & Risk Professionals

Know Your Data To Create Actionable Policy

Why Read This Report

Data defense is the fundamental purpose of information security. To defend your data, there are only four levers you can pull — controlling access, inspecting data usage patterns for abuse, disposing of data when the organization no longer needs it, or killing data to devalue it in the event that it is stolen. Policy addresses when and how much to pull the levers. Too often, organizations create data policies without a clear understanding of feasibility and purpose within their business because they themselves are in the dark about their data — from what data they have to where it resides. As a result, many data security policies are ineffective and can even hinder business processes. Data classification via traditional frameworks such as Bell-LaPadula and Biba can be too academic in nature and not enforceable in the modern world of big data and advanced threats. In today's evolving data economy, data identity is the missing link that security and risk (S&R) leaders must define in order to create actionable data security and control policy. We designed this report to help S&R leaders develop effective policies using our Data Security Control And Control Framework as a guideline.
US $ 499
Become A Client

Get objective, pragmatic guidance that helps you make tough decisions and succeed in a complex world. Contact us to learn more.

Already A Client?
Log in to read this document.

TABLE OF CONTENTS

  • Data Security Policies Today Have More Bark Than Bite
  • Get Some Policy Teeth With The Data Security And Control Framework
  • Chief Data Officers Will Drive Data Security Policy Initiatives
  • WHAT IT MEANS

    Create Actionable Policies Today By Knowing Your Data
  • Supplemental Material
  • Related Research Documents