IT SERVICES
“ Data governance mating third-party risk management and controls will simplifying due diligence assessments of move to the cloud” cloud providers based on the data they Neil Thacker, DPO and CISO for Netskope
Organisations today are using technical data protection controls, such as Data Loss Prevention (DLP), to manage and protect data in their cloud applications and infrastructure. Over the next 12 months, these controls will mature beyond ’just’ DLP to include data governance best practices. This alignment of DLP and data governance will include the building and automation of centralised inventories of cloud managed applications and/or infrastructure, as well as visibility into the categories of data stored in each application or infrastructure instance. Auto-
66
DIGITAL BULLETIN
hold and process is a more effective and efficient approach than attempting to apply the same rules and controls to all cloud providers. Aligning each application or instance to Cloud Security Posture Management (CSPM) further supports the fundamentals of data governance and can help information security and data governance teams understand their priorities in ensuring both cloud applications and infrastructure instances are secured appropriately whilst also applying the most appropriate data protection controls required for the data they are protecting. A key driver for this focus on maturing data governance in the cloud comes from organisations needing greater automation to both manage