Data Quality
data government
roles
data management
Governance
Data governance in particular determines who is authorized to make decisions about data within an organization.
| Roles | Definition |
|---|---|
| Data Owner | A person who ensures compliance with policies and procedures, assigns the proper classification to information assets, and determines the criteria for accessing information assets. |
| Data Controller | A person who determines the purposes for which, and the way in which, personal data is processed. |
| Data processor | A person or organization who processes personal data on behalf of the data controller. |
| Data costidian | A person who implements the classification and security controls for the data in accordance with the rules set out by the data owner. In other words, data custodians are responsible for the technical control of the data. |
| Data steward | A person who ensures that data supports an organization’s business needs and meets regulatory requirements. |
| Data protection officer | A person who oversees an organization’s data protection strategy. |
The Cybersecurity Cube
The cube reminds us of what the task of protecting data entails, including the three dimensons of information security.
Security Principles
The first dimension of the cybersecurity cube identifies the goals to protect cyberspace. The foundational principles of confidentiality, integrity and availability of data provide a focus which enables the cybersecurity expert to prioritize actions when protecting any networked system.
Data confidentiality prevents the disclosure of information to unauthorized people, resources, or processes.
Data integrity refers to the accuracy, consistency, and trustworthiness of data.
Data availability ensures that information is accessible by authorized users when needed.
Data States
The cyberspace domain contains a considerable amount of critically important data. But in what state? The second dimension of the cybersecurity cube represents the three possible data states:
- Data in transit.
- Data at rest or in storage.
- Data in process..
Effective cybersecurity requires the safeguarding of data in all three states. We can’t focus only on protecting data that is being processed, nor just on data in storage.
Safeguards
The third dimension of the cybersecurity cube defines the pillars on which we need to base our cybersecurity defenses in order to protect data and infrastructure in the digital realm.
These are technology, policy and practices, and improving education, training and awareness in people.
Cybersecurity professionals must use a range of different skills and disciplines available to them when protecting data and infrastructure in cyberspace.