Skip to main content
Get the article on our blog: What you need to know about your data before you launch your AI project.


What is “the data” anyway?

Hackers and cyber criminals are after “the data.” CISOs know that they must protect “the data” of the company. “The data” is always assumed to be important business data. But what exactly is data? Ask 15 different people in the same company which data is important to them, and you’ll get 15 different answers. Ask people in 15 different companies and get a mind-boggling range of completely different responses.

Different departments in an organization interact with—and are responsible for—different kinds of data. HR cares about employee PII, health insurance, and compensation data. A DevOps team relies on proprietary code, testing, and IT monitoring data. Sales couldn’t care less about that data, but they live and die with CRM and order status metrics. Supervisory control and data acquisition (SCADA) data is the lifeblood of industrial processes for manufacturing and power plant environments. Retailers run on credit card numbers, tech companies innovate through IP, and healthcare organizations depend on medical records. If “the data” means something different to every organization—and every person in the organization—then what is “the data?”

The people in the business are the business. If processing credit card transactions is the primary business, you still need all of your employees and the data they interact with to perform successfully. As the CISO or security expert responsible for protecting the company’s data, you need to know exactly what you’re protecting.

That requires being able to answer these questions:
  • Which data is important to which teams?
  • What is the specific data that needs protection in every area?
  • How is it being created?
  • How is it consumed?
  • How does each team use the data?
  • What happens to the data—how is it enhanced, edited, or otherwise transformed? • Where does it go after that? Who else sees it?

The problem is, no one asks these questions. It’s too overwhelming. There are fires to be put out. “I’d rather just not think about it.” Don’t feel bad. I haven’t yet met a CISO, IT, or security team that could answer these questions. And I’m not sure any individual can answer all of these questions without a way to gain visibility into “the data.”

That’s why organizations need data surveillance. They can know exactly the state of their data with positive proof and a data chain-of-custody accounting. You’ll know in seconds what every piece of data is doing, where it goes, how it proliferates, who’s accessing it, and how it’s used. You still need to make decisions about how to best protect your data, but now with that visibility, you can make informed decisions.

See how data surveillance delivers the data visibility you need. Book a meeting.