5 Reasons for Data Security Teams to be Thankful this Thanksgiving

Working in cybersecurity can feel thankless. If you do everything perfectly, your work is largely invisible; but when something goes wrong, all eyes are on you. Add long hours, stress, and chronic understaffing in most security teams, and it’s easy to see why burnout is such a problem in the industry.

Nevertheless, it’s not all doom and gloom. With Thanksgiving coming up, now is a good time to see the glass half full. What can data and cloud security pros be grateful for in November 2023?

1. Easier to get buy-in for data security

One of the most frustrating parts of any job is convincing other people that your job matters. Cybersecurity is typically a preventative and not a cure, which often makes it a ‘hard sell’ to economic decision makers. However, a spate of high profile data breaches - with Okta, Duolingo, MGM and Caesars affected just in the last few months - has made many of these conversations easier.

To be clear, these incidents are no cause for celebration! Having customer data exposed, stolen, or used for ransomware is bad for everyone. But in the spirit of giving thanks, we’re grateful that security folks no longer need to spin up a dozen powerpoints to get management on side. The c-level broadly understands that (e.g.) having terabytes of PII stored in unmonitored dark crevices in your cloud account is a problem – so we can focus on finding the best ways to solve it.

2. The most tedious parts of the job are getting automated

Hands-on cloud security roles contain their fair share of monotonous gruntwork. For example, think how many emails are sent when you’re trying to create an inventory of your company’s sensitive data ahead of a SOC 2 audit; or how much time is then spent writing regular expressions to classify different types of sensitive records.

Luckily, many of these tedious tasks are being automated away. Data security tools can automatically scan across cloud data stores to both discover sensitive data, and to classify and tag the relevant records. While nothing can fully replace human oversight and judgment, automating the busywork allows security teams to spend more time on higher value initiatives. This is something every security professional can be thankful for this holiday season!

3. Cloud security is catching up with on-premise

It used to be that every new ‘digital transformation’ initiative sent shivers down the spine of security professionals. The cloud might have been great for innovation, but in many cases it had simply not caught up with security. For example, we could no longer install agents, but we didn’t really have an alternative for context-aware data protection or real-time threat monitoring. Security concerns were often cast aside, with predictably disastrous results.

The good news is this is broadly no longer the case. Capabilities such as DSPM and DDR are closing the gap between cloud and on-prem capabilities when it comes to protecting data, and the field is continuing to evolve at a breakneck pace. Pretty soon, we’ll all learn to stop worrying and love the public cloud.

4. Consolidation means less demos to sit through and less repetitive work

It’s no secret that many security teams are overwhelmed by the amount of tools they need to evaluate, manage, and license. The sprawling, decentralized nature of the cloud - and even more so the move towards multi-cloud and hybrid architectures - has given rise to countless point solutions for different clouds, different databases in the same cloud, and different workloads. Just tabbing through every one of your dashboards can take up half a day.

This year, we can be thankful that the industry is moving towards a more sensible model. Solutions are becoming more comprehensive in scope, and this trend is being accelerated by several high-profile acquisitions (ahem). A simpler vendor landscape means less time spent on sales calls and more time doing the actual work. More importantly, unified platforms allow us to define a policy once and have it applied automatically across SaaS applications, cloud storage, and databases, as well as throughout the software development lifecycle. This dramatically reduces toil while improving consistency - what’s not to like?

5. Tools are starting to actually feel cloud-native

While vendors have been slapping the word "cloud" on security products for years, many solutions still felt like legacy software that had simply been lifted and shifted. Configuring them was a chore, upgrades were risky, and scaling up capacity involved planning cycles.

Only in recent years are we starting to see tools that are actually designed for cloud environments and modern ways of working - meaning they integrate natively with the customer’s environment, scale automatically, and focus on functionality over configuration. In addition to being more pleasant to work with, cloud-native security tools have all the advantages of other cloud software - such as shifting spend from Capex to Opex and shortening time to value. This is definitely something to be thankful for!

Counting our blessings

While there's always more work to be done, it's healthy to pause and appreciate the progress that’s been  made. Awareness is higher, tools are better, and companies are taking real steps to address burnout. This Thanksgiving, let's be thankful for how far we've come - and replenish our energy for the road ahead!