Black Hat USA 2023 Highlights the Need for DSPM

Sasha Emmerling
August 23, 2023

 

More than 20,000 security professionals descended on Black Hat USA 2023 in Las Vegas, now in its 26th year. Normalyze joined more than 100 exhibitors as a topical anchor company focused exclusively on enterprise cloud and hybrid data security. Here is a quick roundup of our data security-focused events at Black Hat.

“Intense Need” for Cloud Data Security

A stream of show attendees visited the Normalyze booth. Many expressed frustration with the inability of typical security tools to provide visibility on data security posture. One security professional said, “We have lots of data but no idea what types of data we have. What do we do?” according to Ravi Ithal, Normalyze co-founder and CTO.

In response, Normalyze booth presentations described the capabilities and benefits of Data Security Posture Management with the Normalyze Cloud Platform:

  • Discover all data across your environments
  • Classify the data based on how sensitive it is
  • Identify top risks based on their monetary impact
  • Assess your compliance posture
  • Remediate top-priority risks

Putting AI Into Cloud Data Security

Black Hat was filled with discussion about the use of AI and cybersecurity. At the Normalyze booth, attendees were keen to hear how the Normalyze Cloud Platform provides two integrated AI features for cloud data security: AI-generated instructions for remediating risks to cloud data, and a natural language search capability to simplify understanding specific data risks within complex cloud infrastructure.

Normalyze head of product Gautam Kanaparthi describes how these cloud data security capabilities work in his blog, Using Generative AI to Simplify Incident Response.

SEC Compliance: A New Role for Normalyze Cloud Platform?

Speaking of incident response, the U.S. Securities and Exchange Commission carries a big stick for public company compliance. Last month the SEC approved a Final Rule on Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure by Public Companies. It requires public companies to annually disclose posture, and to disclose cyber incidents within four days after determining an incident was material. CISOs are already thinking hard about this rule – compliance means they need to already know what sensitive data they have, who has access to it, and if it’s in compliance. (Hint: Normalyze automatically determines these data points for you!)

CISO Roundtable on Data Security

The Black Hat CISO roundtable co-sponsored with ESG revealed more executive-level perspectives on cloud data security. Two CISOs described how Normalyze Cloud Platform is ideal for validating compliance with the new SEC rule on disclosure of security posture and material cyber incidents – and much more. Watch the webinar, What Keeps CISOs Up at Night.


Normalyze Is Now on Snowflake Data Cloud

On August 9, 2023, Normalyze announced the launch of Normalyze Cloud Platform on the Snowflake Data Cloud. This new integration enables a more efficient identification of data security blind spots and supports enterprises in managing their sensitive data in Snowflake Data Cloud. The new AI-enabled integration sharpens the visibility of joint customers into their cloud data security risks and helps them enforce least privilege access to sensitive data.

Normalyze Now Supports On-Premises Data Stores

On August 2, 2023, Normalyze announced new capabilities to protect data across hybrid cloud deployments and on-premises environments. With an extensive platform that already offers comprehensive data security posture management for data at rest and in motion across all IaaS, PaaS, and SaaS data assets, Normalyze now provides IT and security teams with unprecedented visibility into data housed on premises. With Normalyze, companies that operate hybrid cloud environments can now manage their data security posture from a single platform for a complete understanding of their data attack surface.

How Ginkgo Bioworks Achieves Data Security in Biotech

Watch Jade Graziano, cybersecurity engineer at Ginkgo Bioworks describe how her company evaluated, chose, and now uses Normalyze for data classification, access governance, and achieving overall visibility of cloud data security in the data-intensive environment of biotech.

How Netlify Strengthens Access Control for Modern Web Development

Watch Mark Dorsi, CISO at Netlify, share his philosophy and experience on access control for users (including using hardware tokens for passwordless access), reducing the attack surface, and the importance of data classification. Learn how Netlify effectively implements sensitive data access control and security measures in its modern web development environment.


See What Normalyze Can Do For You

To see how Normalyze can protect your multi-cloud and on-premises data, sign up for a product demo. A data security expert will dig into the data security challenges in your environment, and then walk you through the features in Normalyze that eliminate the data security risks that matter most.

Sasha Emmerling

Sasha is a senior marketing executive passionate about innovation and data security and is responsible for driving growth and market leadership. Prior to Normalyze, Sasha held leadership roles at VMware, where she executed go-to-market strategies for product portfolios including NSX, SD-WAN, and SASE. She also led demand generation at Qualys for over six years.

FEATURED

Gartner® Innovation Insight: Data Security Posture Management

FEATURED

DSPM-chat-Richard Stiennon-Ravi-Ithal-Normalyze
Improve Cloud Security: Dark Reading Interviews Ravi Ithal