Back to glossary


Data Security Posture Management (DSPM) is an emerging cybersecurity practice, and set of related technologies, used to protect sensitive data stored in cloud environments. 

DSPM was developed to provide a solution to modern data environments – where organizations store data across multiple managed and unmanaged data stores, and in many cases, across multiple clouds. A DSPM solution enables organizations to assess, monitor, and reduce the risk related to this data, including in hybrid and multi-cloud deployments. 

While specific definitions may differ, DSPM will typically include the following components:

  • Data discovery: Tools to provide visibility into an organization's cloud data inventory, and to identify repositories where sensitive data is stored. This encompasses PII, credit card information, passwords, or other data that is subject to regulations such as GDPR and CCPA.
  • Data classification: Categorizing data based on its sensitivity and risk level
  • Static risk analysis for data assets: Permissions, encrypted storage, and user management 

DSPM differs from Cloud Security Posture Management (CSPM) in that it focuses on the data itself and helps organizations focus on sensitive data assets, rather than the security posture of the cloud environment. DSPM is context-aware and can help surface more relevant alerts by focusing on the data assets where a breach would be most painful.

Learn more about data security posture management (DSPM).