Feb 19 2025 25 mins 4
Application, user, and data security are the three core components of every security program, but data is really what attackers want. In order to protect that data, we need to know where it is and what it's used for. Easier said than done. In this Say Easy, Do Hard segment, we tackle data inventory and classification.
In part 1, we discuss the challenges of data inventory and classification, including:
- identifying all data sources within an organization, including databases, applications, cloud storage, physical files, etc., and documenting details like data type, location, and volume
- categorizing all data based on its sensitivity level, usually using classifications like "public," "internal," "confidential," or "restricted," which determines the necessary security measures to protect it
- prioritizing security measures and protecting critical information more effectively
Show Notes: https://securityweekly.com/bsw-383
