Chapter 8. Data Security Posture Management

I’ve seen things you people wouldn’t believe.

Attack ships on fire off the shoulder of Orion.

I’ve watched C-beams glitter in the dark, near the Tannhäuser gate.

All those moments will be lost in time, like tears in rain.

Roy Batty, Blade Runner

Or our teams, when they explored our data security posture…

Your data is, often, the ultimate goal for bad actors. When MI5 gave us the original heads-up, as we shared in Chapter 1, we knew our networks were being exploited. We didn’t know that we had a shadow cloud, but that was quickly rectified when our CNAPP illuminated the shadow as rapidly as possible, as discussed in Chapter 2.

At each step, our CNAPP helped us bring our teams together—application development, platform and DevOps, security engineering, security operations—into a cohesive, collaborative unit that could throw a light on what MI5 was already making us aware of. Except we were missing the white whale that the perpetrators of the attack were really after: our data or, more importantly, the use of our system as a safe harbor for their stolen data.

But that’s getting a little ahead of ourselves. First, we needed to know what normal data use and flow looked like. We needed to see what we were supposed to have, from a data perspective. We needed to know our data security posture. Which meant we needed to leverage our CNAPP’s Data Security Posture Management (DSPM).