With data breaches on the rise, complex information governance challenges require a comprehensive approach to understanding an organization’s data profile through the lenses of compliance, privacy and litigation, suggests Jenny Hamilton, Deputy General Counsel for Global Discovery and Privacy at HaystackID. Data mapping – or identifying where high priority documents reside – is the critical exercise to understand your organization’s risk profile and where it ranks on the continuum of compliance with global privacy regulations. Mapping company data repositories for personal data, sensitive business communications and company “crown jewels” can make the difference between an organization’s comfort or concern regarding data security and litigation risk.
“It’s a common misconception that businesses, at any moment, have a clear picture of what critical data they have and where it resides,” said Hamilton. “More often, businesses are unable to identify where the company may be vulnerable in a ransomware attack, which makes the practice of data mapping all the more important.” And as work environments continue to shift to wider remote and federated landscapes, keeping a clear line of sight on all the newly adopted applications and means of sharing mission critical information has become increasingly complex and daunting.
Also Read: Top 3 Unique Skills of a Modern CISO
“Mapping company data is iterative work requiring clear priorities that strike the right balance between cross-functional stakeholders, including IT, risk, compliance, legal, and eDiscovery and cyber providers. It also requires forward thinking, disciplined methodologies to capture growth and change.
The data map is a living and breathing landscape. At the end of the day, it’s about risk identification and mitigation, and not getting sidetracked by the enormity of the task with irrelevant details. Data mapping gives teams the knowledge required to put controls and protection around the higher risk and high value information, which ultimately put companies a step ahead in the event of a data breach.”
For more such updates follow us on Google News ITsecuritywire News.