登录查看更多内容

What are the most common myths about cybersecurity frameworks for DG?

由人工智能和领英社区提供技术支持

Cybersecurity frameworks are sets of standards, guidelines, and best practices that help organizations manage their cybersecurity risks and improve their data governance (DG). However, there are some common myths and misconceptions about cybersecurity frameworks that can hinder their adoption and effectiveness. In this article, we will debunk some of these myths and explain how cybersecurity frameworks can benefit your DG strategy.

此文章中的业界达人

由社区从 7 条内容中精选。了解更多

Tejasvi Addagada

Empowering Digital Transformation through Data Strategy & AI Innovation | Data & Privacy Leader | Speaker & Author
Gopi Maren

Value Focused Data Enablement | Data Governance | Data Quality ISO 8000 | Cybersecurity | Data Management |…
Debajit Mondal

Data Governance

1 Myth 1: Cybersecurity frameworks are one-size-fits-all

One of the most common myths about cybersecurity frameworks is that they are rigid and prescriptive, and that they force organizations to adopt a specific approach or toolset. However, this is not true. Most cybersecurity frameworks are flexible and adaptable, and they allow organizations to tailor them to their specific needs, goals, and context. For example, the NIST Cybersecurity Framework, one of the most widely used frameworks, provides a common language and a set of core functions, but it does not dictate how organizations should implement them. Instead, it encourages organizations to use their own risk assessment and management processes, and to choose the most appropriate controls and practices for their situation. This way, cybersecurity frameworks can support your DG objectives without imposing unnecessary constraints or costs.

添加您的观点

Arunkumar K.

CTO @ Sennovate | Pioneering AI Cybersecurity Solutions | Former CISO in Web3 & Crypto | Experienced with Bolstering defences for State & National Governments
举报内容
Myth: Cybersecurity Frameworks Are Only for IT Security Professionals Reality: Cybersecurity frameworks are designed for a broader audience, including business leaders, data governance professionals, and risk management stakeholders. These frameworks often provide a common language that facilitates communication across different business units, helping to align security practices with business objectives.

已翻译

赞

2 Myth 2: Cybersecurity frameworks are only for large or regulated organizations

Another common myth about cybersecurity frameworks is that they are only relevant or useful for large or regulated organizations, such as government agencies, financial institutions, or healthcare providers. However, this is also not true. Cybersecurity frameworks can benefit any organization that handles data, regardless of its size, industry, or regulatory status. Cybersecurity frameworks can help organizations of all sizes to identify and prioritize their cybersecurity risks, to implement and monitor their cybersecurity controls, and to improve their cybersecurity performance and resilience. Moreover, cybersecurity frameworks can help organizations to align their cybersecurity practices with their DG principles, such as data quality, data protection, data ethics, and data value. By using cybersecurity frameworks, organizations can enhance their data security, compliance, trust, and reputation.

添加您的观点

Kushal Rajput

SAP Consultant at Deloitte South Asia | Deloitte SAP- Data Factory | SAP Data Migration | SAP Data Migration Cockpit | SAP Retail FVB | SAP MDG | B.Tech Computer Science and Engineering @ Nirma University'2022
举报内容
One myth is “Data Governance is Only for Big Companies”: Assuming that small or medium-sized enterprises don’t need robust data governance frameworks, neglecting the importance of data integrity and security for businesses of all sizes.

已翻译

赞
Thiva Kulasingam

Platform Engineering | Call Centre Solutions on Cloud (CCaaS) | Cyber Security | CTO Advisor for Startups | Certified AWS AI Practitioner
举报内容
The myth around cybersecurity frameworks being too comprehensive often affects small to medium-sized companies managing IT operations on limited budgets. These frameworks offer extensive guidance across diverse scenarios, making it challenging to decide what suits them best. It's important to note that these frameworks don't mandate implementing all best practices but serve as flexible guidelines. My advice to companies is to begin their cybersecurity journey by targeting easy wins. This approach allows for cost-effective improvements before gradually advancing to more intricate security measures. Implementing robust security controls comes at a cost, so a step-by-step progression is practical for budget-conscious companies.

已翻译

赞

3 Myth 3: Cybersecurity frameworks are static and outdated

A third common myth about cybersecurity frameworks is that they are static and outdated, and that they cannot keep up with the evolving cybersecurity threats and technologies. However, this is also not true. Cybersecurity frameworks are dynamic and updated, and they can accommodate the changing cybersecurity landscape. For example, the NIST Cybersecurity Framework is regularly revised and expanded, based on the feedback and input from various stakeholders, such as industry experts, practitioners, researchers, and policymakers. The latest version of the framework, released in 2018, includes new topics such as supply chain risk management, identity management, and self-assessment. Furthermore, cybersecurity frameworks are designed to be flexible and scalable, and they can be integrated with other standards, tools, and methods that address specific cybersecurity challenges or domains. For instance, organizations can use the ISO/IEC 27000 series, the CIS Controls, or the MITRE ATT&CK framework to complement their cybersecurity framework implementation. This way, cybersecurity frameworks can support your DG initiatives without becoming obsolete or irrelevant.

添加您的观点

4 Myth 4: Cybersecurity frameworks are costly and complex

A fourth common myth about cybersecurity frameworks is that they are costly and complex, and that they require significant resources and expertise to implement and maintain. However, this is also not true. Cybersecurity frameworks are cost-effective and simple, and they can be implemented and maintained with reasonable resources and expertise. For example, the NIST Cybersecurity Framework provides a concise and clear structure and guidance, and it does not require any specific tools or technologies to implement. Instead, it allows organizations to use their existing resources and capabilities, and to leverage their existing policies, processes, and systems. Moreover, cybersecurity frameworks can help organizations to reduce their cybersecurity costs and complexity, by helping them to prioritize and streamline their cybersecurity activities, to avoid duplication and inefficiency, and to measure and improve their cybersecurity outcomes. By using cybersecurity frameworks, organizations can optimize their cybersecurity investments and operations, and support their DG goals.

添加您的观点

Gopi Maren

Value Focused Data Enablement | Data Governance | Data Quality ISO 8000 | Cybersecurity | Data Management | Data-Entrepreneur | Digital Transformation | Data Strategist | Data Privacy | CDMP
举报内容
From Infosec to Cybersecurity, at its most fundamental level, cybersecurity is safeguarding an organization's infrastructure and data from any breach or attack, damage, being compliant or unauthorized access. Data governance aims to specify what data assets the Organization has, its lineage, and who may act on it when and under what conditions. An enterprise-level data governance program often empowers company-wide data definitions and standard data formats that are implemented across all disparate systems, resulting in improved & standardized data consistency for both business and compliance purposes. As hackers focus on exploiting vulnerabilities in these new systems, businesses prepared with a proactive governance plan is a mandate.

已翻译

赞

5 Myth 5: Cybersecurity frameworks are sufficient and standalone

A fifth common myth about cybersecurity frameworks is that they are sufficient and standalone, and that they can address all the cybersecurity issues and challenges that organizations face. However, this is also not true. Cybersecurity frameworks are necessary but not sufficient, and they need to be complemented by other elements and factors that influence cybersecurity effectiveness and maturity. For example, cybersecurity frameworks need to be aligned with the organization's strategy, culture, and governance, and they need to be supported by the organization's leadership, commitment, and awareness. Additionally, cybersecurity frameworks need to be integrated with the organization's data governance framework, and they need to be coordinated with the organization's data stakeholders, such as data owners, data users, data custodians, and data consumers. By doing so, cybersecurity frameworks can enhance the organization's data security, quality, value, and usability, and foster a data-driven culture.

添加您的观点

Debajit Mondal

Data Governance
举报内容
Cybersecurity and Data Governance go hand in hand... After all both are aimed at better data... Cybersecurity is not just limited to the cyber use of data but also how to maintain the integrity of the data....

已翻译

赞

6 Here’s what else to consider

This is a space to share examples, stories, or insights that don’t fit into any of the previous sections. What else would you like to add?

添加您的观点

Tejasvi Addagada

Empowering Digital Transformation through Data Strategy & AI Innovation | Data & Privacy Leader | Speaker & Author
举报内容
In the article, cybersecurity is discussed in relation to data governance 1. It is common for cybersecurity to be clearly separated from data management and governance in general. For instance, organizations often hire a separate cybersecurity specialist, completely separate from the data governance team 2. Though mature organizations might have operations in the first line and policing in the second line, the interactions between data offices and information security can be minimal 3. This lack of integration can lead to inefficiencies, as the organization struggles to coordinate its security strategy with data strategy. It can also leave the organization vulnerable to cyber threats, as security teams lack visibility into data environment

已翻译

赞
Kushal Rajput

SAP Consultant at Deloitte South Asia | Deloitte SAP- Data Factory | SAP Data Migration | SAP Data Migration Cockpit | SAP Retail FVB | SAP MDG | B.Tech Computer Science and Engineering @ Nirma University'2022
举报内容
Another myth is “Data Governance is Only About Compliance”: Viewing data governance merely as a compliance checkbox rather than understanding its broader role in improving data quality, decision-making, and overall business performance.

已翻译

赞

Data Governance

+ 关注

给文章评分

我们借助人工智能创建了此文章。您认为这篇文章怎么样？

很棒不太好

举报此文章

查看全部

What are the most common myths about cybersecurity frameworks for DG?

1

2

3

4

5

6

1 Myth 1: Cybersecurity frameworks are one-size-fits-all

2 Myth 2: Cybersecurity frameworks are only for large or regulated organizations

3 Myth 3: Cybersecurity frameworks are static and outdated

4 Myth 4: Cybersecurity frameworks are costly and complex

5 Myth 5: Cybersecurity frameworks are sufficient and standalone

6 Here’s what else to consider

Data Governance

给文章评分

感谢您的反馈

更多Data Governance相关文章

更多相关阅读内容

What are the most common myths about cybersecurity frameworks for DG?

1

2

3

4

5

6

1 Myth 1: Cybersecurity frameworks are one-size-fits-all

2 Myth 2: Cybersecurity frameworks are only for large or regulated organizations

3 Myth 3: Cybersecurity frameworks are static and outdated

4 Myth 4: Cybersecurity frameworks are costly and complex

5 Myth 5: Cybersecurity frameworks are sufficient and standalone

6 Here’s what else to consider

Data Governance

给文章评分

感谢您的反馈

查看其他技能