Comforte AG's Andrea Renna on why a data-centric approach to cybersecurity is transforming businesses

The rapid evolution of artificial intelligence (AI), the rise of shadow data, advanced cyber threats and a lack of security skills make protecting sensitive data and complying with regulations such as GDPR, PCI DSS and DORA increasingly critical for organisations.

According to Andrea Renna, Sr VP of Sales, Comforte AG, the need for a new, "data-centric" approach to data security can transform the way businesses manage their information.

Presenting the above during the 4th Cyber ​​Security Conference in Nicosia on 26 September, he explained that the value of data to modern businesses cannot be disputed.

As Renna pointed out, the use of data improves products and services, strengthens the sales and marketing department and enables better decisions, ultimately contributing to growth, increased revenue and stronger customer loyalty.

However, with the rise of cyber threats and regulatory frameworks to protect privacy, businesses face enormous financial risks.

The evidence is alarming, the expert said. According to an IBM study, the global average cost of a data breach rose 10% in one year to $4.88 million – the biggest increase since the pandemic era.

Financial damages, such as lost customers and damaged reputation, are key drivers of these costs.

Businesses that suffer data breaches face high costs to repair the damage, including setting up service centers and credit monitoring for affected customers.

Notably, 46% of leaks involve personally identifiable information (PII), such as VAT numbers, email addresses and identity details, which can be used for identity theft or fraud. The cost of losing this data per record averaged $169, with employee personal data being the costliest.

Renna emphasised that traditional security methods are no longer sufficient. Security teams are often seen as an obstacle to data-driven initiatives, creating conflict within businesses.

The solution to this dilemma lies in adopting a "data-centric" approach, where instead of protecting the systems that host the data, sensitive elements are replaced by placeholders. Placeholders remain compatible with business applications and workflows, allowing businesses to use their data with security and confidence.

With this approach, businesses not only secure their data, but can use it to add value to their operations without fearing the consequences of non-compliance or cyber-attacks.

The recent GDPR fines, which reached €1.78 billion in Europe in 2023, show the increased pressure businesses are under to protect data.

Data security should not be seen as an obstacle to innovation, was Renna's central message, and that, instead, data protection should be an integral part of a company's strategy for growth. With a proper, data-centric approach, businesses can use their data securely while achieving their business goals, he noted.

(Source: InBusinessNews)