
There Is A Misconception That The Cloud Makes Security Easier | Dan Benjamin – Dig Security


Guest: Dan Benjamin (LinkedIn)
Company: Dig Security (Twitter)
Show: Newsroom

Security is an enabler. If it is too hard, then developers will try to bypass it. If it is too easy, then it’s not really integrated into your existing workflows. – Dan Benjamin

Dig Security is recognized as the industry pioneer in combining data security posture management (DSPM), data loss prevention (DLP), and data detection and response (DDR) capabilities into a single platform.

In this episode of TFiR: Newsroom, Dig Security Co-founder and CEO Dan Benjamin shares his insights on the current data security trends, talks about the latest enhancement to their platform, the new features to secure Large Language Model (LLM) architectures and what’s ahead for the data security space, in general.

Current trends in the market:

  • Many organizations today are being pressured by their board to innovate and build new types of capabilities through generative AI. This is such a new technology that organizations don’t have the right safeguards in place to essentially do this in a secure manner.
  • A typical enterprise has at least 20 different types of data stores that they own across thousands, if not tens of thousands of instances.
  • Companies want consistent security. If I protect something on AWS, I want to have the same protections on Azure Kubernetes Service (AKS), Google Cloud Platform (GCP) and Oracle Cloud Infrastructure (OCI). Same goes for their AI components.
  • Most users do not trust enterprises to keep their information secure.

How Dig Security is helping organizations:

  • Benjamin co-founded Dig Security about two years ago. It delivers the only DSPM solution to protect enterprise data in the public cloud, Software as a service (SaaS), and on-prem.
  • It helps organizations answer these key questions: What data do I have? How is that data being used, and by which applications, users, vendors, and machines? How do I protect this information, whether at rest, in motion, or in use?
  • It does this by 1) discovering any piece of information that lives in the customer’s clouds, 2) classifying any piece of information, whether it is personally identifiable information (PII), protected health information (PHI), PCI or any type of regulated data, and 3) visualizing risk in the data itself.
  • It builds data-centric security, prioritizing risk coming from the data itself, and detecting and responding when something bad happens.
  • It detects if data is being exfiltrated, if someone copies data outside of your cloud, if you have illegal data transfers, if your developer decides to download the production database to a personal machine, or if one of your third parties got compromised and is now exfiltrating information outside of the organization.
  • Generative AI models are being trained typically on customer data and on enterprise information.
  • Since Dig Security has already built and safeguarded enterprise information for years, they want to enable organizations with their existing technology. They recently announced that they built specific controls for the generative AI era.
  • They want to help organizations understand which AI models are being trained on sensitive information, what these models have access to, and what they are doing. If you train a model on sensitive information (PII, PHI, or PCI), you essentially expose all the sensitive information that you were trying to safeguard for years.
  • Dig Security can identify shadow models, e.g., teams want to test something new, so they copy the entire company database, put it in a side project, they’ll start training something, and then forget about it.

On security in the cloud:

  • There is a misconception that the cloud makes security easier. The cloud has made it much easier to set up the infrastructure, build a database, spread data and copy data across environments, but it’s also easier to create more data risk. Controlling and protecting data has become harder, especially in multi-cloud environments.

On data security:

  • Security is an enabler. If it is too hard, then developers will try to bypass it. If it is too easy, then it’s not really integrated into your existing workflows.
  • If you set up infrastructure-as-code (IaC), make sure that the infrastructure is set up correctly before you even deploy it.
  • Security should be incorporated into the normal day-to-day flow of development. Even though the developers don’t have that security mindset, it will bring in these types of controls.
  • The problem with data is it is only generated at the application level. Once you start storing sensitive information, you can’t really describe what data is going to be saved in the future in a specific bucket or database or analytics data store.
  • For data, it has to be a shift-right approach. You need to see what happens at runtime, what’s already there, what’s being saved, and how it changes over time.
  • You start by building a very strong data inventory. Identify what data you own across buckets and VMs, running databases and analytics data sources and across the different clouds.

What’s ahead:

  • Eventually, data security teams will have to control and govern data wherever data lives in the modern enterprise, whether in public clouds, AWS or Azure, on-prem, SaaS applications, or endpoints.
  • There will be more consolidation in the on-prem and SaaS spaces, creating a single pane of glass where data security teams can essentially govern any type of data that the organization has and make it compliant with, and suitable for, the privacy standards of each governing country or state.
  • There will be ecosystems of security products that essentially talk to each other.

 This summary was written by Camille Gregory.