New York (US) and London (UK): Commenting on a presentation given by the technical head of ENISA earlier this month - in which he outlined the key principles of the EC's Cybersecurity Strategy - Varonis Systems says that there are clear lessons that can be learned from the corporate data governance perspective.
David Gibson, the data governance specialist's Vice President of Strategy, says that Steve Purser's comments that the EC Cybersecurity Plan - which is expected in Q1 of next year - will include provisions to develop, continually evaluate and maintain member countries' national security plans is a sure sign of an agency taking a responsible and mature approach to its governance role.
"The recognition that the EC is actively working with other bodies to ensure that the cross-border and global nature of cybersecurity is fully addressed is something that should be applauded," he said.
"It is clear from Steve Purser's comments that the European Commission is taking a guiding - rather than supervisory - role on cybersecurity plans for the individual countries that make up the European Union," he added.
The Varonis VP of strategy went on to say that the lessons that can be learned from this - and translated to a corporate environment - are that advances are more likely to be achieved through involvement and co-operation between various departments, including IT security, rather than treating IT security as a single body with responsibility for data protection.
"If we translate this to a corporate environment, we have observed that involvement from different departments and data owners is the best way forward, especially when combined with automation as an integral part of the IT and data governance platform," he said.
"A data governance approach that centres on reliable authentication, identification and involvement of data owners in authorisation processes, and comprehensive activity monitoring helps ensure accessibility and allows for any abuse of that data to be spotted and locked down quickly," he added.