February 9, 2016 By Mark Wah

Those of us in the U.S. have just witnessed an exhilarating Super Bowl 50, one of the country’s most-watched broadcasts. Congratulations to the Denver Broncos! The Super Bowl clearly illustrates that it takes teamwork and a superstar team to win the ultimate prize.

Have you ever wondered what a data security superstar team looks like? We aren’t talking about the security operations center (SOC), which employs security intelligence tools such as SIEM, network forensics and sandboxing technologies. We are looking at security teams managing security solutions such as IBM Security Guardium, data loss prevention (DLP), encryption and data-centric security solutions that work closely with the IT organization and line-of-business (LOB) owners. Can the team be complemented by a managed security services provider (MSSP)?

We have discussed the importance of investing in data security solutions and balancing two complementary solutions, data activity monitoring and DLP. Now let’s examine how we assemble the data security superstar team to protect your organization’s crown jewels.

The Data Security Superstar Team

Instead of listing the specific number of individuals needed, it is important to understand the roles that will help you run an effective data security program. For a smaller team, an individual may wear several hats, but it is important to stress the segregation of duties and controlled access to the data security solution.

Data Security Administrator

The data security administrator is responsible for the data security solution and will require training and prior experience with the solution. This individual will need to work with the IT infrastructure team to deploy the solution according to the architecture and deployment plan.

Communication is also very important for this role, since collaboration with the IT deployment team, the database and application teams, the Active Directory or Lightweight Directory Access Protocol (LDAP) teams and the information security team will be required. Additionally, for data security solutions like DLP, coordination with the email/messaging and endpoint teams is needed. The data security admin will also assist in integration and automation of the data security solution.

Data Security Access Manager

This role is responsible for setting the right role-based access control for the team. This prevents situations such as the data security admin gaining access to sensitive data or the incident reviewer changing data security policies.

Security and Policy Administrator

The security and policy administrator configures the rules and policies for the data security solution. The security admin will need to understand the technical aspects of the IT elements involved to successfully apply the policies. For example, he or she must understand database constructs to apply the right data activity monitoring and encryption policies.

Alert, Report and Incident Reviewer

The alert, report and incident reviewer will consume the output of the data security solution following the established workflow and processes. For example, he or she will be reviewing DLP incidents and taking the appropriate remediation actions. This role provides feedback within the solution for the security administrator to adjust policies accordingly.

Line-of-Business and Data Owner

LOB and data owners work closely with the security administrator to define the right detection rules for data. These owners may include database administrators, application administrators and other administrators of data repositories.

Legal and Compliance Officer

This is an advisory role to help the security administrator build the right rules and policies according to a compliance mandate. The compliance officer will also review processes such as auditing requirements.

Partnering With a Managed Security Services Provider

A good data security solution with built-in roles and a well-defined role-based access control configuration can help guide you in defining the data security superstar team. But how do you find them?

The challenge of the cybersecurity skills shortage is not new. How can you build the data security superstar team in this environment given the number of roles that need to be filled? Partnering with an MSSP leader can help complement your data security team and encourage them to be superstars in your organization.

To find the right partner, focus on MSSPs that understand the difference between network-centric and data-centric security solutions and approaches. The MSSP should have the right data security skill set. It also needs to know how to build a team for you and how to integrate the team, processes and workflow with your existing security infrastructure.

How Can I Learn More?

To learn more about data security, please join me and my colleagues at IBM InterConnect 2016 in Las Vegas from Feb. 21–25. I will be hosting an engagement center session at the IBM Security booth No. 314 on Wednesday, Feb. 24, at 1:30 p.m., titled “Why You Should Invest in Data Security and Managed Data Protection Services.”

You can also watch the on-demand webinar “Is Your Security Staff Addressing the Top Three Data Protection Challenges Today?” at your convenience.
