Back to Blog
Minute Read

Data Security is Broken. The Comprehensive Cyber Capabilities Working Group is Here to Fix it

Howard Ting

Enterprise data is far more decentralized, shared, and at-risk than ever before due to the megatrends of cloud adoption, hybrid work, and ransomware. Yet data security is only covered incidentally as part of security frameworks and best practices.

In this article

What’s needed is a data-centric security model that applies not just to one asset class like network or cloud but wherever data goes in a modern organization. Over the past several months I’ve been assembling a world-class community of security leaders who will form a working group to focus on this.

This week, I’m proud to take part in the launch of the Comprehensive Cyber Capabilities Working Group (C3WG) to explore what cybersecurity capabilities are needed to protect the assets of an organization against today’s threats. The C3WG brings together security leaders from across industries to collaboratively develop a complete set of data security capabilities, which will be published in the industry-first Data Security Maturity Model (DSMM), bringing a consistent, data-centric element to enterprise security and risk management programs.

Data is at More at Risk Than Ever Before

Between 2018 and 2020, there was a 47% increase in the frequency of insider threats, with employees responsible for around 22% of all security incidents. As many organizations continue to shift to the cloud, today’s data is constantly being used, modified, and shared by users over dozens of applications and services. Just looking at the collaborative work, social media, and personal cloud services we use every day across the Cyberhaven team reminds me of the massive change we’re seeing take place – and the challenges of securing an organization’s data.

Organizations have to consider not just regulated PII, PHI, and PCI data, but also intellectual property, financial reports, product plans, legal documents, board presentations, and more.  We’re seeing insiders leaving companies for competitors at unprecedented rates during the Great Resignation, increasing the risk of traditional IP theft. New external threats are emerging like the rise in double extortion ransomware where attackers demand money in exchange for not leaking commercially valuable or embarrassing information. These changes to the threat landscape are leaving enterprises more exposed and at risk.

Augmenting Existing Frameworks to Enhance Data Security

Many security models cover key aspects of data security and privacy, but usually limited to a particular asset or use case. The goal of the C3WG is to build a Data Security Maturity Model (DSMM) not to replace these models, but rather augment them. The C3WG will chart a new and significantly expanded approach to data security. The DSMM will align with the structure of leading security frameworks such as the NIST Cybersecurity Framework, and add additional layers of data security maturity across all key functions of security.

Instead of relying on network-based boundaries, for example, a data-centric approach will be able to “follow the bouncing ball” of data, so to speak, without losing visibility and control. This type of approach is essential for organizations to fully leverage the power of their data while also keeping it safe from external threats, insider threats, or simple mistakes that can put the availability, confidentiality, or integrity of data at risk.

Data-Centric Security is the Future

To date, most data protection programs are focused on limited use cases, but a recent wave of innovation is now enabling organizations to extend data security principles to virtually any type of data, anywhere in the enterprise. With a “data-centric” focus to data security, organizations can achieve a broader, more consistent approach to protecting any or all of their data. The C3WG aims to provide security leaders a roadmap for how to make this transition and align it to the unique needs of their specific organization.

By aligning available tools and practices to the unique needs and risks of different enterprise environments, the DSMM will ensure that risk context and policy enforcement follow the data no matter how it moves or is modified. This ability to protect any type of data across devices, applications, and cloud assets is essential if organizations are to take advantage of the power of modern collaboration and digital transformations without exposing their data to external threats, insider threats, or simple mistakes.

The way we’ve tried to build data security programs to date has been built on outdated frameworks, and it’s time for a data-centric approach. To learn more about the C3WG and how to participate, visit