Securiti leads GigaOm's DSPM Vendor Evaluation with top ratings across technical capabilities & business value.

View

3 Key Takeaways For DSPM from Gartner’s Innovation Insight Report

Published September 27, 2023
Author

Anas Baig

Product Marketing Manager at Securiti

Listen to the content

Cloud makes it easier for organizations to collect and analyze data, enabling unprecedented scalability, growth, and innovation. However, it also has many data management, security, and compliance challenges. Take, for instance, dark data. Gartner defines dark data as the “information assets organizations collect, process, and store during regular business activities but generally fail to use for other purposes."

Regardless, leaving dark data repositories undiscovered, especially when they contain sensitive data, is risky. It may expose organizations to costly data breaches, regulatory fines, and irreparable reputational damage.

Securiti Tops DSPM Ratings

Securiti’s Data Command Center dominates GigaOm’s DSPM Evaluation with highest ratings for key capabilities, emerging capabilities, and business criteria.

Read the Report
Securiti Tops DSPM Ratings

To help organizations address these challenges, Gartner introduced Data Security Posture Management (DSPM) as a new category of data security tool in its 2022 Hype Cycle for Data Security Report. Gartner also shared deeper research in the 2023 Innovation Insight for DSPM report to shed further light on this emerging technology. This article delves into the top takeaways from this report to help organizations transform how they protect their most critical asset – data.

Top 3 Takeaways on DSPM from Gartner’s Report

Data Security Posture Management (DSPM) solutions should answer some of the most critical data questions for organizations:

  • Where is our data located?
  • What type of data do we have?
  • What data is sensitive?
  • Who can access sensitive data?
  • What data systems are misconfigured?

Organizations can leverage these insights to establish data protection and governance controls as data flows across repositories and geographies. Overall, DSPM provides a unified approach to cloud data security by bringing data visibility, data classification, risk assessment and mitigation, access governance, and misconfiguration remediation in one solution.

Let’s take a closer look at the key takeaways from Gartner’s Innovation Insights report to understand how DSPM promises to transform cloud data security for companies.

DSPM Provides Visibility Into Dark & Sensitive Data

The report highlights that:

“The proliferation of data across cloud service platforms (CSPs) and geographic boundaries is creating a need for technologies to discover and locate unknown or unused data repositories.”

Data that is tagged and classified properly can be extremely valuable to organizations. But most data is dark data. To put things into perspective, 40% to 90% of data in an enterprise is dark data. Dark data refers to data that is collected by an organization but seldom used or analyzed. Lack of oversight, for instance, is one of the common reasons that contribute to dark data. Organizations with poor governance frameworks fail to establish proper data retention, storage, or deletion policies. Different departments and teams collect, store, or back up data independently. All this data accumulates over time, resulting in dark data.

Another common reason behind dark data is shadow data systems. Shadow data systems are those assets that exist in a corporate environment but aren’t known to IT. Examples include customer-managed databases running on compute infrastructure in the cloud.  Keeping track of such systems, which may not be easily trackable in a cloud provider’s management console, is important as such systems may also contain sensitive data that could expose organizations to security and compliance risks.

Data Security Posture Management (DSPM) can help an organization get better visibility into dark data. It effectively integrates with public cloud services to comprehensively understand all the cloud native and dark data assets. DSPM automatically detects all the data across structured, semi-structured, and unstructured formats as the data assets are discovered.

DSPM further helps teams with sensitive data classification, which is traditionally a huge challenge for large organizations due to consistency and scalability. DSPM classifies data leveraging advanced AI techniques that use Natural Language Processing (NLP) for accurate classification. A robust DSPM must classify data per the business policy and defined industry practices. It should further go into more granular insights with rich metadata, improving data literacy across the organization.

DSPM Delivers Understanding of the Lifecycle of Data

Gartner’s DSPM Innovation Insights report further underscores that:

“DSPM technologies provide visibility into inconsistent data security posture by analyzing the data map and data flows between repositories and across CSPs.”

Data mapping and lineage are necessary as these processes deliver transparency, insights, and data traceability across the data lifecycle.

It is possible to develop data map flows and lineage diagrams manually. But it comes with its fair share of challenges. For instance, mapping and lineage tracking become overwhelming due to various data sources or a lack of appropriate mapping or lineage tools. Secondly, manual efforts tend to lead to human errors and, thus, inconsistent mapping or lineage flows.

DSPM leverages automation to effectively discover and classify data and build a data map flow. The data map enables organizations to visualize how the data flows within the corporate environment while it moves from one system to another or from one source to another source. It further creates a lineage flow that tracks the data's movement and transformation at different stages. It clarifies how the data originated, who accessed it, where it’s stored, and how it transformed.

DSPM Helps with Risk Assessments Across Data Lifecycle

Assessing risks across the data lifecycle is yet another critical component the report points out:

“You need to be able to identify, discover, and track data throughout its life cycle as it is created, stored and analyzed, so that the data security posture for each data platform can be assessed to validate appropriate business purposes.”

When organizations don’t have complete visibility across their data lifecycle, they can’t really assess if the data is appropriately protected. This puts the data at serious risk, such as access governance and misconfiguration risks. For instance, if organizations can’t track data movement, it may become challenging to monitor data access activities. Unauthorized access to sensitive data can go unnoticed and may put the data at risk of unauthorized access or data breach. Similarly, misconfiguration risks could expose data to public destinations or even to third parties. Such misconfiguration risks could lead to data security or privacy incidents.

Similarly, using cloud service providers means that the data can be automatically replicated, backed up, and even processed in data centers specific to those CSPs. This could create data residency and retention risks as these data centers are in distinct geographies and different environments, with every environment having its own retention settings.

DSPM tools have the ability to effectively discover and classify data across structured and unstructured formats through effective data mapping and lineage tracking. A robust DSPM must deliver an efficient metadata management capability. This capability delivers organizations a comprehensive understanding of data regarding quality, availability, accessibility, and confidentiality. These insights can help organizations identify risks associated with sensitive data access, data residency, cross-border transfers, etc.

Protect Data Everywhere with Securiti

Securiti Data Command Center is proud to be named as one of the core DSPM vendors in Gartner’s Innovation Insights: Data Security Posture Management report 2023. Securiti empowers Fortune 1000 companies to protect their data everywhere, across multiple public clouds, data clouds, on-premises, SaaS applications, and data flows.

Securiti’s DSPM goes beyond the public cloud, covering on-premise, SaaS, and data streaming environments as well. Once organizations deploy Securiti’s DSPM, they can extend the same platform to a full Data Command Center. This enables organizations to leverage a unified approach to data security, privacy, governance, and compliance obligations via a common platform.

With Data Command Center, organizations can:

  • Discover cloud-native, shadow, and unknown data assets with support for hundreds of data system connectors;
  • Classify sensitive data across the environments with the highest accuracy and at scale across all platforms;
  • Improve security posture with sensitive data-driven rules and more than 700 pre-defined detections to reduce misconfigurations;
  • Enforce least-privileged access controls and dynamically mask sensitive data across large, multi-account cloud deployments;
  • Automate privacy operations and comply with challenging data protection regulations, including cross-border data transfers.

Interested in learning more? Request a demo now.

Join Our Newsletter

Get all the latest information, law updates and more delivered to your inbox


Share

More Stories that May Interest You
Videos
View More
Mitigating OWASP Top 10 for LLM Applications 2025
Generative AI (GenAI) has transformed how enterprises operate, scale, and grow. There’s an AI application for every purpose, from increasing employee productivity to streamlining...
View More
Top 6 DSPM Use Cases
With the advent of Generative AI (GenAI), data has become more dynamic. New data is generated faster than ever, transmitted to various systems, applications,...
View More
Colorado Privacy Act (CPA)
What is the Colorado Privacy Act? The CPA is a comprehensive privacy law signed on July 7, 2021. It established new standards for personal...
View More
Securiti for Copilot in SaaS
Accelerate Copilot Adoption Securely & Confidently Organizations are eager to adopt Microsoft 365 Copilot for increased productivity and efficiency. However, security concerns like data...
View More
Top 10 Considerations for Safely Using Unstructured Data with GenAI
A staggering 90% of an organization's data is unstructured. This data is rapidly being used to fuel GenAI applications like chatbots and AI search....
View More
Gencore AI: Building Safe, Enterprise-grade AI Systems in Minutes
As enterprises adopt generative AI, data and AI teams face numerous hurdles: securely connecting unstructured and structured data sources, maintaining proper controls and governance,...
View More
Navigating CPRA: Key Insights for Businesses
What is CPRA? The California Privacy Rights Act (CPRA) is California's state legislation aimed at protecting residents' digital privacy. It became effective on January...
View More
Navigating the Shift: Transitioning to PCI DSS v4.0
What is PCI DSS? PCI DSS (Payment Card Industry Data Security Standard) is a set of security standards to ensure safe processing, storage, and...
View More
Securing Data+AI : Playbook for Trust, Risk, and Security Management (TRiSM)
AI's growing security risks have 48% of global CISOs alarmed. Join this keynote to learn about a practical playbook for enabling AI Trust, Risk,...
AWS Startup Showcase Cybersecurity Governance With Generative AI View More
AWS Startup Showcase Cybersecurity Governance With Generative AI
Balancing Innovation and Governance with Generative AI Generative AI has the potential to disrupt all aspects of business, with powerful new capabilities. However, with...

Spotlight Talks

Spotlight 11:29
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Not Hype — Dye & Durham’s Analytics Head Shows What AI at Work Really Looks Like
Watch Now View
Spotlight 11:18
Rewiring Real Estate Finance — How Walker & Dunlop Is Giving Its $135B Portfolio a Data-First Refresh
Watch Now View
Spotlight 13:38
Accelerating Miracles — How Sanofi is Embedding AI to Significantly Reduce Drug Development Timelines
Sanofi Thumbnail
Watch Now View
Spotlight 10:35
There’s Been a Material Shift in the Data Center of Gravity
Watch Now View
Spotlight 14:21
AI Governance Is Much More than Technology Risk Mitigation
AI Governance Is Much More than Technology Risk Mitigation
Watch Now View
Spotlight 12:!3
You Can’t Build Pipelines, Warehouses, or AI Platforms Without Business Knowledge
Watch Now View
Spotlight 47:42
Cybersecurity – Where Leaders are Buying, Building, and Partnering
Rehan Jalil
Watch Now View
Spotlight 27:29
Building Safe AI with Databricks and Gencore
Rehan Jalil
Watch Now View
Spotlight 46:02
Building Safe Enterprise AI: A Practical Roadmap
Watch Now View
Spotlight 13:32
Ensuring Solid Governance Is Like Squeezing Jello
Watch Now View
Latest
Simplifying Global Direct Marketing Compliance with Securiti’s Rules Matrix View More
Simplifying Global Direct Marketing Compliance with Securiti’s Rules Matrix
The Challenge of Navigating Global Data Privacy Laws In today’s privacy-first world, navigating data protection laws and direct marketing compliance requirements is no easy...
View More
Databricks AI Summit (DAIS) 2025 Wrap Up
5 New Developments in Databricks and How Securiti Customers Benefit Concerns over the risk of leaking sensitive data are currently the number one blocker...
A Complete Guide on Uganda’s Data Protection and Privacy Act (DPPA) View More
A Complete Guide on Uganda’s Data Protection and Privacy Act (DPPA)
Delve into Uganda's Data Protection and Privacy Act (DPPA), including data subject rights, organizational obligations, and penalties for non-compliance.
Data Risk Management View More
What Is Data Risk Management?
Learn the ins and outs of data risk management, key reasons for data risk and best practices for managing data risks.
Beyond DLP: Guide to Modern Data Protection with DSPM View More
Beyond DLP: Guide to Modern Data Protection with DSPM
Learn why traditional data security tools fall short in the cloud and AI era. Learn how DSPM helps secure sensitive data and ensure compliance.
Mastering Cookie Consent: Global Compliance & Customer Trust View More
Mastering Cookie Consent: Global Compliance & Customer Trust
Discover how to master cookie consent with strategies for global compliance and building customer trust while aligning with key data privacy regulations.
Singapore’s PDPA & Consent: Clear Guidelines for Enterprise Leaders View More
Singapore’s PDPA & Consent: Clear Guidelines for Enterprise Leaders
Download the essential infographic for enterprise leaders: A clear, actionable guide to Singapore’s PDPA and consent requirements. Stay compliant and protect your business.
View More
Australia’s Privacy Act & Consent: Essential Guide for Enterprise Leaders
Download the essential infographic for enterprise leaders: A clear, actionable guide to Australia’s Privacy Act and consent requirements. Stay compliant and protect your business.
Gencore AI and Amazon Bedrock View More
Building Enterprise-Grade AI with Gencore AI and Amazon Bedrock
Learn how to build secure enterprise AI copilots with Amazon Bedrock models, protect AI interactions with LLM Firewalls, and apply OWASP Top 10 LLM...
DSPM Vendor Due Diligence View More
DSPM Vendor Due Diligence
DSPM’s Buyer Guide ebook is designed to help CISOs and their teams ask the right questions and consider the right capabilities when looking for...
What's
New