Check out all Intelligent Security Summit on-demand sessions here.
“Where is my organization’s critical data?” is the CISO’s million dollar question. Today, security leaders need to be able to identify what data assets exist and where so they can implement access controls to protect them.
Unfortunately, there is a data visibility crisis in the cloud, with organizations reporting that 55% of their data is obscure and unidentified. Not only does this make it difficult to generate insights, it also leaves valuable data exposed and vulnerable to external threats.
Cloud security provider Immuta aims to solve this by automatically discovering and classifying data assets in the cloud. Today, the company received an undisclosed strategic investment from ServiceNow, an extension of its $100 million Series E funding round last year.
With increased cloud adoption, the ability to discover and classify data assets wherever they exist in hybrid and multicloud environments is now critical, not only for enterprise security, but also for enabling decision makers to gain insights from their data in a compatible way.
On-demand smart security meeting
Learn the critical role of AI and ML in cybersecurity and industry-specific case studies. Watch sessions on demand today.
Addressing the Data Visibility Crisis in the Cloud
A central challenge for security leaders dealing with the data visibility crisis is the need to identify sensitive data in the cloud while implementing access controls to prevent unauthorized users from accessing it.
Implementing access controls is an area where many organizations fail. An Immuta survey of 600 data professionals found that 97% faced challenges in this area, with 54% reporting that protecting data with appropriate access rights is one of their biggest obstacles.
“The underlying problem is that protecting data in the cloud is overly complex,” said Matthew Carroll, CEO of Immuta. “Today, organizations are managing large amounts of data across many different databases. They also have a significant increase in the number of users who need access to this data.”
He added: “At the heart of this is an exponential explosion of data policies to manage who can access what data. However, the data is difficult to classify and score. Thousands of data policies must be created and managed. And it’s almost impossible to monitor how the data is used.”
From a compliance standpoint, if it can’t be monitored, it can’t be used. Nowhere is this illustrated more than in the fact that one of Immuta’s customers, one of the largest US banks, had to close a data lake after just two years of operation because the security and compliance teams lacked visibility into which data it contained.
Immuta aims to prevent these scenarios through a trio of security solutions: Discover, which scans, classifies and marks sensitive data; Secure, who can design and enforce data access controls; and Detect, which continuously monitors data usage and analyzes the risk of leaks.
The idea is to equip CISOs and security leaders with a single tool they can use to identify and protect data assets in the cloud.
The data security market
Immuta’s solution fits into the big data security market, which Allied Market Research valued at $13.7 billion in 2019 and is expected to grow to $54.2 billion by 2027 as organizations turn to analytics to improve your decision-making about protecting your data assets.
One of Immuta’s main competitors is Okera, which uses machine learning to automatically classify and tag sensitive data in the cloud, with the option to de-identify, mask, tokenize, encrypt or anonymize user data.
Okera is currently valued at $29.6 million following a $15 million funding round led by ClearSky Security in December 2021.
Another competitor is Privacera, a data security and access control provider that offers a platform to automatically discover data and automate data governance processes to support SOX, PII, PCI, CCPA, HIPAA, FISMA and GDPR compliance.
Privacera recently raised $50 million in funding with a Series B funding round in 2021.
According to Carroll, the main differentiator between Immuta and its competitors is the use of attribute-based access control.
“Immuta uses attribute-based access control (ABAC) instead of traditional role-based access control (RBAC), which, according to a recent report by GigaOm, reduces policy burdens by 93 times and can save organizations an estimated $500,000 in time and opportunity costs, Carrol said.
VentureBeat’s Mission is to be a digital town square for technical decision makers to gain insight into transformative business technology and transactions. Discover our Briefings.