Whose data is it anyway? Equitable access in cybersecurity

In an era of enormous data volumes and proliferated sources, cybersecurity has become a data management problem. The threat landscape is always evolving, leaving elements of security infrastructure still needing attention. As we prepare for surmounting challenges ahead, it has become clear: Equitable access to our log data is not just a necessity, but a categorical imperative. As threats evolve in sophistication and scale, new paradigms are emerging — security hinges on data management, and it’s important to approach it accordingly.

The original SIEM/SOAR setup, where companies used proprietary systems to analyze and store security data, worked well enough in the pre-cloud era. However, as businesses have massively adopted cloud services, this approach has struggled to keep pace. Not only has it become increasingly costly, but in some cases, the technical demands have reached levels that are almost unreasonable.

Cybercrime’s impact spans far more than just enterprise ransomware — it often poses threats against innocent civilians. One of the most recent attacks is also one of the most advanced: the March 2024 attack on Change Healthcare. Suspected nation-state actors gained access to 6TB of sensitive data. This is just one example of millions.

Response to Cyber Exploitation

Cybersecurity as a whole emerged in the 1970s, during the infancy of professional-grade computers, beginning with the emergence of programs like Creeper and Reaper. Progressing into the 1980s was commercial antivirus software, like John McAfee’s VirusScan. With the popularization of the Internet, cyber data expanded rapidly, making any regulation — governmental or industry standards — nearly impossible, creating confusion on who owns security data, and who should merely have access to it. 

Personal information became vulnerable to exploitation, prompting new firewalls and antivirus programs to protect the public. In the 2000s, crime organizations began funding sophisticated attacks, causing governments to impose stricter penalties for cybercrime. Amid these challenges, the quest for equitable access to data remains, as individuals and companies navigate a fraught digital landscape. 

Aside from penalizing cybercrime, legislation has largely left data alone. Even new enterprises have vast amounts of data within the disjointed and cumbersome security data ecosystem. This issue is escalating: The cybersecurity market size is projected to grow from $172.32 billion in 2023 to $424.97 billion in 2030, with each cyberattack costing companies in the US an average of $9.48 million.

To read the complete article, visit Dark Reading.