Data breaches continue to be a thorn for most organizations despite the sophisticated and innovative cybersecurity tools that are used to stop what is now the inevitable cost of doing business in a hyperconnected world. Given the growing complexity. of attacks through advanced automation, simply throwing resources at responding lacks the scale necessary to effectively manage sophisticated threats. Therefore, it is imperative to develop an ontological view of digital assets and how they are consumed by users and entities.
Data ontology is a key concept used by data scientists to understand the relationship between processes and datastores. When this concept is extended to data security, it can help to organize data, applications, APIs, devices, and users into structures and establish the relationships between the different elements to enhance the detection of anomalies. The relationship between data and the entities that consume that data is what yields the outcome of digital transactions.
Unlike data taxonomy which describes the hierarchical structures of data, for the purpose of cybersecurity, data ontology helps practitioners develop a holistic strategy to protect critical data by factoring in the independent elements of digital transactions and their impact on the journey of critical data.
The complexity of understanding the relationship between data, users, and entities comes from not understanding the context of their interaction. In the domain of cybersecurity, if the context of users, entities, and their use of data can be established as a baseline, and monitored, identifying anomalies that can lead to data breach comes as a natural byproduct.
In normal operating procedure, let’s consider a simplified context whereby “users” interact with “entities” like “devices,” to access “APIs” for microservices that provide services within the scope of an “application” stack to access “data”. But likewise, in every data breach involving a fraud use case, these common elements are often abused to yield results for adversarial actors.
Therefore, understanding the relationships across all the elements is material to creating a functional response strategy that can sense when each of the elements is abused and then nullify the implication in an expeditious manner. Understanding the relationship between users and devices is essential for protecting applications and APIs.
Click here to read the original article published by Imperva.
Please give your feedback on this article or share a similar story for publishing by clicking here.
