Check out all the on-demand sessions from the Intelligent Security Summit here.
“Where is my organization’s critical data?” is the CISO’s million-dollar question. Today, security leaders need to be able to pinpoint what data assets exist and where, so they can implement access controls to protect them.
Unfortunately there’s a data visibility crisis in the cloud, with organizations reporting 55% of their data is dark and unidentified. This not only makes it difficult to generate insights, it leaves valuable data exposed and vulnerable to external threat actors.
Cloud security vendor Immuta aims to address this by automatically discovering and classifying data assets in the cloud. Today the company received a strategic investment of an undisclosed amount from ServiceNow, an extension to its $100 million Series E funding round last year.
With cloud adoption on the rise, the ability to detect and classify data assets wherever they exist in hybrid and multicloud environments is now foundational, not just for enterprise security, but for enabling decision-makers to derive insights from their data in a way that’s compliant.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
Tackling the cloud data visibility crisis
A core challenge for security leaders addressing the data visibility crisis is the need to be able to identify sensitive data in the cloud while implementing access controls to prevent unauthorized users from accessing it.
Implementing access controls is an area where many organizations are falling short. An Immuta survey of 600 data professionals found that 97% faced challenges in this area, with 54% reporting that securing data with appropriate access rights is one of their biggest hurdles.
“The underlying problem is that securing data in the cloud is overly complex,” said Matthew Carroll, CEO of Immuta. “Today organizations are managing massive amounts of data across many different databases. They also have a significant increase in the number of users that need to access that data.”
He added, “At the heart of it, there is an exponential explosion of data policies to manage who can access what data. Yet the data is difficult to classify and tag. Thousands of data policies must be created and managed. And it’s nearly impossible to monitor how the data is used.”
From a compliance perspective, if it can’t be monitored it can’t be used. Nowhere is this more illustrated than in the fact that one of Immuta’s customers, one of the largest banks in the U.S., had to shut down a data lake after just two years of operation because security and compliance teams had no visibility into what data it contained.
Immuta aims to avoid these scenarios through a trio of security solutions: Discover, which scans, classifies and tags sensitive data; Secure, which can design and enforce data access controls; and Detect, which continuously monitors data usage and analyzes the risk of leaks.
The idea is to equip CISOs and security leaders with a single tool they can use to identify and protect data assets in the cloud.
The data security market
Immuta’s solution falls within the big-data security market, which Allied Market Research valued at $13.7 billion in 2019 and is projected to grow to $54.2 billion by 2027 as organizations turn to data analytics to enhance their decision-making on protecting their data assets.
One of Immuta’s main competitors is Okera, which uses machine learning to automatically classify and tag sensitive data in the cloud, with the option to de-identify, mask, tokenise, encrypt or anonymize user data.
Okera is currently valued at $29.6 million following a $15 million funding round led by ClearSky Security in December 2021.
Another competitor is Privacera, a data security and access control provider offering a platform to automatically discover data and automate data governance processes to support compliance with SOX, PII, PCI, CCPA, HIPAA, FISMA and the GDPR.
Privacera most recently raised $50 million in funding with a Series B funding round in 2021.
According to Carroll, the main differentiator between Immuta and its competitors is its use of attribute-based access control.
“Immuta leverages attribute-based access control (ABAC), rather than the traditional role-based access control (RBAC), which according to a recent GigaOm report reduces policy burdens by 93 times and can save organizations roughly $500,000 in time and opportunity costs,” Carroll said.
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.