Emerging Threats in Data Protection - Anand Thangaraju - Guardians of the Data - Episode # 49
AI has changed the conversation around cybersecurity, but according to Anand Thangaraju, the real challenge has not changed at all: protecting what matters most.
In this episode, Ward talks to Anand where he explains why proprietary data has become every organization's most valuable asset and why traditional security approaches are struggling to keep pace. From data lineage and insider risk to agentic remediation and AI driven security operations, he lays out a future where context matters more than tools and where security teams need to understand not just where data lives, but why it moves and who is moving it.
Takeaways:
- Your crown jewels are your proprietary data. In an AI driven world where public information is being commoditized by the minute, the only thing that gives your organization a true competitive edge is what it knows that no one else does. If you do not have a strong grip on that proprietary data, you do not have a fighting chance.
- Stop waiting for the perfect moment to turn on visibility. One of the most common traps CISOs fall into is holding off on DSPM adoption until every compensating control is already in place. Start building now, because the longer you wait for perfection, the more your data sprawl grows into something that is genuinely unmanageable.
- Treat data security as a program, not a product. No single tool is going to solve your data security problem. The organizations making real progress are the ones pairing the right technology with the right people, clear policies, and a genuine understanding of what bad actors would actually want from their environment.
- Build your insider risk and data security programs together. These two disciplines share the same foundation: knowing where your sensitive data lives, who is touching it, and whether that behavior is normal. Tackle them in silos and you are leaving the most important use cases on the table.
- Before you automate remediation, earn the right to do it. A crawl, walk, run approach is not timidity, it is strategy. Start with alert only mode, study your false positive rate, and give your model time to learn the nuances of your business before you hand it the keys to take action.
Quote of the Show:
- "The model should be almost like a trained security architect or security engineer. It should be able to reason for every single action it's taking." - Anand Thangaraju
Links:
- LinkedIn: https://www.linkedin.com/in/athangaraju/
Ways to Tune In:
- Transistor: https://guardiansofthedata.show/
- Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ
- Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323
- Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
- iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
- YouTube: https://www.youtube.com/@GuardiansoftheDataPod
Creators and Guests
