Dwight Eisenhower’s decision framework famously categorizes tasks based on the distinction between importance and urgency. Tasks, you see, are not created equally. Some, like exercise, self-improvement, or family time, are important but not urgent. Others, like responding to most emails, scheduling, even cooking meals – are urgent but not important. The Eisenhower method is a great clarifier when it comes to how we choose to spend our time. It’s also a great way for cybersecurity professionals to bring focus to the seemingly endless stream of risk mitigation to-dos.
The challenge, of course, is that cybersecurity is just a wee bit more complicated than your daily planner. There’s no question that important and urgent attack surfaces need to rise to the top – but large organizations are an embarrassment of riches when it comes to security holes, and it’s not always obvious which ones to fill first.
Identifying Data Security Attack Surfaces
Enter Concentric’s Semantic Intelligence™ solution with new Risk Distance™ analysis capabilities. We help you find at-risk, business-critical data that’s in urgent need of protection. These powerful new capabilities use a deep learning technique known as advanced natural language processing, and it’s how we automate one of the most complex cybersecurity tasks out there.
Here’s how it works.
We start with the industry’s best data discovery and categorization capabilities. If you think about the millions of files your end users create and manage every day (our research shows a typical organization has over 10 million of them), not all of them contain data that’s worth losing sleep over. But a good portion of these files – about 28% – are business-critical. They contain private information, business strategies, intellectual property or other data you just don’t want to lose. They are, in a word, important.
Semantic Intelligence™ autonomously organizes files into over 210 different categories so you can focus on the ones that really matter. And it does it without rules, policies or end-user classification drudgery.
Next we look for risk. Before Semantic Intelligence™, identifying data at risk required labor-intensive, hand-crafted rules and policies. Someone had to decide whether it was ok for a certain type of file to be handled in a certain way, and someone had to write the rules to spot it. For IT professionals (who aren’t usually experts in the nuances of the specific data they’re being asked to secure) that meant time, trial, error and effort.
Data Security Risk Management
Risk Distance™ analysis puts an end to the policy maintenance nightmare. It works by comparing each individual file with the aggregate security practices in use by the files in its peer group. We calculate a “distance” and that tells us if the file’s a security outlier. If a file’s being shared, stored or permissioned differently than its peers, it’s at risk.
Finally, Semantic Intelligence™ now offers activity-based information about a file. Copying, downloading, moving, changing permissions and printing all point to a file that’s on the move – and maybe not in a good way. Active files raise the urgency to secure them – but chasing security issues on every active file in your organization is urgency without focus.
Finding data at the intersection of importance, risk and activity is the path to truly effective unstructured data access governance. Semantic Intelligence™, and its innovative use of natural language processing for end-to-end automation, is the answer.
Eisenhower said, “What is important is seldom urgent and what is urgent is seldom important.” For cybersecurity, that turns out to be good news: with a focus on urgent and important data, the elusive challenges of unstructured data protection are now within reach with Concentric.