Mohit Tiwari, CEO of Symmetry Systems, explores Zero Trust, data objects and the NIST framework for cloud and on-prem environments.
Compromised credentials and identities, third-party breaches, API attacks, and application exploits are all foundational entry points for today’s hackers.
Recent months have brought many high-profile breaches from Samsung and Nvidia to Okta and the continued aftermath of Log4j. Still, ultimately, these attacks are all symptoms of the same problem: organizations do not have visibility into how their data objects are protected and used.
Until security teams can answer in real-time what data they have, who has access to it, and how it is being used, organizations will continue to fail in rapidly communicating the extent of breaches within the cloud.
When Samsung confirmed the Lapsus$ hacking group had obtained and leaked almost 200 gigabytes of confidential data, the first question for customers was whether or not their customers’ data was a part of that statistic or if Samsung had safeguards in place to protect them.
Fortunately, Samsung said that no customers’ personal information was compromised. However, when Okta was breached by