Automation And Data Governance
The cybersecurity industry has not invested enough in automation since it’s impossible to find and hire enough security talent to fulfill customer demand, according to Lynch. Vendors and partners need to look for places to automate to mitigate the talent gap, Lynch said.
Businesses need to focus more on data governance given the extent to which data is targeted by threat actors, according to Lynch. Even though moving computing assets to data is much easier and less risky than moving data itself, Lynch said businesses continue to make horrible choices around where data is located and how—if at all—it’s compartmentalized.
Zero-trust needs to be made practical and actionable to take it beyond just not trusting users or devices by default, Lynch said. Implementing a true zero-trust architecture requires thinking about data flows, organizational precedents and data governance, which Lynch said is something not enough companies are taking seriously.