It is estimated that there are approx. 40 million bacterial cells in a single gram of soil. The microbial ecosystem housed in that soil 'container' represents a complex biomass of varying diversity, prevalence, and persistence.
When considering organizations with a cloud footprint, we find that data proliferates like microorganisms, and left unchecked has an ever increasing attack surface. While many cloud ecosystems may house just a few hundred cloud accounts, each with a few hundred storage instances, contrast that to the tens to hundreds of millions of files that can persist in unstructured & structured data collections in a similarly sized environment. Added to that complexity is the diversity in volume, content categorization, shifting context, overly permissive rights, and multi-access modalities. It is no wonder why data is such a difficult construct to consistently protect.
There was a time when protecting cloud assets such as storage buckets, administrative interfaces, and IaaS resources seemed sufficient as a preventative mechanism to thwart breaches, however, these well-defined constructs do little to properly protect data assets. For this, we look to the nascent area of Data Security Posture Management (DSPM).
Gartner's Hype Cycle for Data Security, 2022 (published Aug '22) report claims that less than 1% of companies leverage DSPM today - though if recent entrants into the vendor market for this category are any indication of anticipated importance, we expect this number to ratchet up dramatically.
Theom, founded 2020, $16.4M raised, Bay Area
Laminar, founded 2020, $67M raised, Tel Aviv
Cyera, founded 2020, $64.5M raised, San Mateo
Dig Security, founded 2021, $45M raised, Tel Aviv
Sentra, founded 2021, $23M raised, Tel Aviv
Flow Security, founded 2020, $10M raised, Tel Aviv
Polar Security, founded 2020, $8.5M raised, Tel Aviv
Eureka Security, founded 2021, $8M raised, Tel Aviv
Concentric AI, founded 2018, $22M raised, Bay Area
Symmetry Systems, founded 2018, $18M raised, San Mateo
Securiti, founded 2019, $156M raised, Bay Area
Open Raven, founded in 2019, $39.1M raised, LA Area
Wiz, founded in 2020, $600M raised, Tel Aviv (just entered the DSPM market)
As you consider this category of disruptor, be on the lookout for the following characteristics in the vendor you choose.
Should be API-based and deployed across your cloud assets quickly
Works across unstructured and structured data (analytical stores, databases, object stores, data in transit)
Can handle petabytes of data without requiring large security teams
Can discover and categorize data, access rights, access patterns, anomalous behavior
Operates as a SaaS solution, analyzing posture in-place
Data security, assurance, and compliance controls follow the data
Risk from breaches is quantifiable in terms of Single-Loss Expectancy (SLE) for each time a risk arises
Vendor can provide Proof of Action for every transaction as assurance that they have not manipulated data
Ink8r monitors this space closely and has interviewed several vendors in the space, with our most recent interview being with Theom (see Podcast). Please have a listen and let us know where you are in your DSPM journey.
