With Wiz adding ”DSPM” or rather data classification, do you see there being much need for DSPM on top of CSPM? I feel like the DLP and Detection and Response are way more important than CSPM checks, but is that just me?

DatabaseData Protection & EncryptionIaaS
394 views4 Comments
Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotech, Self-employed
CSPM and DSPM are two distinct strategies for cybersecurity. While there might be some overlapping areas, there are key differences between them.

CSPM focuses on protecting the cloud infrastructure and its resources, covering only IaaS and PaaS components like virtual private clouds or machines, relational databases, compute instances, lambda functions, and serverless components. From a risk management perspective, CSPM lacks data intelligence to prioritize data assets.

DSPM emphasizes the security posture of data in public clouds. It delves into data, gaining insights into its type, sensitivity, geography, transformation over time, and how it's accessed or utilized. With such extensive data intelligence, DSPM aids teams in improving the configuration security posture. This includes controlling access to prevent unauthorized access and encrypting or masking sensitive data to comply with global data privacy regulations, particularly policies around cross-border data transfers and sensitive data sharing.

Need to really drill down on any marketed solution that says it is a Unified solution DSPM+CSPM and look at the gaps it isn't doing.
2
CIO, Self-employed
There are wonderful vendors available in both the DPSM and CSPM spaces and I worry that Wiz is taking on too many functions for their platform. It's hard to be a unicorn, the pressure must be over the top - but when is it too much?
1
CISO in Software, 10,001+ employees
It is about vendors moving to provide an entire suite of services versus businesses needed to individually deploy and integrate a whole set of independent security products and solutions
Chief Information Security Officer in Healthcare and Biotech, 1,001 - 5,000 employees
The need for DSPM and CSPM is different. It depends on the organisation's security posture and how they want to manage their digital risk.  

Content you might like

If your org has a CDAO, do you collaborate with them to improve data security? How?

Security & GRCData Protection & EncryptionSecurity Strategy & Roadmap+1 more
1.4k views

What is the most difficult stage of IoT security?

Device ManagementRisk ManagementThreat & Vulnerability Management+10 more

Hardware-based security (TPM)20%

Public key infrastructure (PKI) for cert-based identity55%

Identity onboarding at manufacturer16%

Integration with the cloud7%


617 PARTICIPANTS
2.6k views1 Upvote

I’m building a list of the leading thinkers and practitioners of modern data security. Who is on your list? Especially at the forefront of quantum resistant encryption and AI security?

Security & GRCDatabaseData Privacy+1 more
Chief Information Security Officer in Healthcare and Biotech, 1,001 - 5,000 employees
Except security professional plz consider lawyers and tech journalist to complete the team. 
2.6k views1 Comment

Are you planning to improve endpoint security in the next 12 months with any of these additional capabilities?

Security & GRCThreat & Vulnerability ManagementIdentity & Access Management (IAM)+8 more

Patch management: to reduce attack surface and avoid system misconfigurations40%

Malware and ransomware prevention: to protect endpoints from social engineering attacks59%

Malware and fileless malware detection and response: to protect against malicious software49%

Threat Hunting: to detect unknown threats that are acting or dormant in your environment and have bypassed the security controls33%

Not planning to change endpoint security strategy10%


188 PARTICIPANTS
440 views

Is exact data match an important capability for your org when it comes to data loss prevention platforms?

Data Protection & EncryptionSecurity Strategy & RoadmapApplications & Platforms
751 views1 Comment