Feb 19 2025 27 mins 3
Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification.
In part 2, we discuss the steps involved in data inventory and classification, including:
- Data discovery: Identify all data sources across the organization using data mapping tools.
- Data profiling: Analyze data attributes to understand its content and characteristics.
- Data classification: Assign appropriate sensitivity levels to each data set based on predefined criteria.
- Data tagging: Label data assets with their classification level for easy identification.
- Data ownership assignment: Determine who is responsible for managing each data set.
Show Notes: https://securityweekly.com/bsw-383
