The Data catalog serving cybersecurity

For the third consecutive year, Dawizz is mentioned in the French cybersecurity ecosystem radar. Data protection is one of our priorities, so we are proud to appear in the "Data Security" category. This year again, Wavestone and Le Hub BPI conducted qualitative interviews and identified/mapped the most promising startups/scale-ups in the sector.

Our data cataloging solution – MyDataCatalogue – is included in one of the 7 categories presented in the radar, namely "Data".

• Data
• Network
• Cybercriminals
• Risk Management & Compliance
• Users & their Devices
• Applications
• New Technologies

Dawizz is indeed specialized in data governance (structured and unstructured data). As the publisher of the MyDataCatalogue software, it helps its users on a daily basis with their confidentiality and data security efforts, system hygiene, and prioritizes system surveillance (in addition to SOC/SIEM) by gaining a better understanding of the sensitivity of data in the information system. MyDataCatalogue is a smart, multilingual solution based on recognition and classification algorithms that automates the knowledge of the data (structured or unstructured) present and manipulated within the information system.

WHAT IS THE GOAL OF THE DATA CATALOG IN A CYBERSECURITY APPROACH?

We offer a solution that allows our customers to quickly obtain a complete overview of the data in their information system. Our probes automatically extract metadata from database applications, structured files (CSV, excel, txt), and unstructured files (word, pdf, etc.). With the help of "machine learning" and our knowledge base, these metadata (data that characterizes the data) are automatically normalized and classified by our algorithms. The data is then published in MyDataCatalogue with its metadata.

Security standards such as ANSSI and CIS (Center for Internet Security), among others, strongly recommend the use of a SOC in the context of a strengthened security policy.

SIEMs are handling an increasing amount of data, causing too many alarms, or even false positives, often too late. In addition, the analysis of logs from SIEMs is very time-consuming when analyzing the impacts, due to a lack of functional knowledge of the data manipulated within the applications.

Therefore, the complementarity of our automatic data mapping solution with recognition of the sensitivity level (thanks to algorithms) with a SOC approach seems obvious to allow our customers to prioritize the management of logs from the SIEM.

WHY IS DATA CATALOGING A DECISION AID FOR CISOs/CIOs?

In a context where the growth of data created, exchanged, stored is exponential, a CISO, responsible for defining and ensuring the implementation of the security policy, must be present in a preventive, analytical, and reactive manner.

As Alain Bouillé (CISO of the Caisse des Dépôts) indicates, "The European GDPR regulation helps the company to identify personal data, but everything remains to be done for other digital data"

For relevance, the Chief Information Security Officer (CISO) must increasingly finely analyze the company's information system (SI) data. Our data cataloging and mapping solution allows CISOs of companies and public institutions to make strategic decisions with confidence, with a risk management approach focused on protection while optimizing performance.

To facilitate data analysis by a CISO, dedicated Cybersecurity matchers have been implemented in the solution.

Measures have also been taken in the deployment of our probes. Indeed, a dedicated administration interface for our crawlers simplifies the audit of the SI of different servers and computer stations (shadow IT management). Finally, an alert and notification service has been implemented in MyDataCatalogue, allowing a user or third-party solutions (such as a Security Operations Center) to subscribe to our solution and be alerted, for example, on the discovery of new sensitive data in the information system.

WHAT ARE THE CYBER RISKS COVERED WITH THE DATA CATALOG?

Risk mapping is the main step of any information system security action plan. It aims to define all necessary actions to achieve a residual risk level that can be accepted with full knowledge of the facts, at the right decision-making level. The main challenge for a CISO is to properly prioritize vulnerabilities and not compromise its credibility by launching false alerts that waste time for its colleagues.

In order to effectively secure data, before knowing how to protect, one must ask the question: what needs to be protected? and the answer necessarily involves a precise and exhaustive inventory of the data present in the information heritage with their level of sensitivity.