Ransomware attacks have been in the news lately, possibly because of the 225% increase in total losses from ransomware in the United States alone in 2020. An increase in sophistication by attackers is a major factor, and many of these ransomware attacks were enabled at least in part by insider negligence. As the level of sophistication of attacks grows, your prevention posture needs to escalate as well. Anytime is a good time to consider adopting a Risk-Based approach to data security rather than the traditional checklist pattern.
The Risk-Based approach is a systematic method for identifying, evaluating, and prioritizing potential threat vectors facing your data assets. There are five phases in the analysis:
- Conduct a Business Impact Analysis
- Perform a Risk Assessment
- Identify and Implement Needed Controls
- Test, Validate, and Report
- Continuous Monitoring and Governance
The last step, continuous monitoring, and governance is part of our DataGovOps practice.
Modern Data Governance is focused on value creation through promoting the usage of data. DataGovOps enables safe and controlled data usage at scale by automating data quality, management, and protection workflows.
The recent hype around ransomware attacks is a wake-up call for a threat that has always been present. Methodologies like DataGovOps enabled by new practices augmented by AI and machine learning and even blockchain can help make your Risk-Based Data Security journey more effective and easier to implement.