OpinionHow dark data and scarcity of cyber experts are threatening organizations
Opinion
How dark data and scarcity of cyber experts are threatening organizations
Dima Tatur, VP of Cyber Security at Commit, warns that the shortage of vulnerability researchers and the increasing number of threats require us to adopt smart AI solutions urgently. Only then can we ensure the security of our information - even that which we don't yet know exists.
While tech giants are grappling with layoffs and cutbacks due to the economic crisis, they face another growing challenge: increasingly sophisticated cyberattacks. The rapid shift to remote work and accelerated digitization have led to a sharp increase in organizational data stored in the cloud.
Staff reductions and economic pressures do not contribute to addressing these threats, and recent studies indicate a steady rise in the average costs of cyber breaches in recent years, with many organizations finding themselves more exposed than ever. Behind the alarming numbers lurks a double and dangerous threat: on one hand, "Dark Data," and on the other, a severe shortage of cybersecurity vulnerability researchers, a global problem affecting organizations of all sizes. The result? One in four organizations has already experienced a breach of sensitive data stored in the cloud, and if we don't address the problem in time, it could cost us dearly.
So what exactly is "dark data"? It's all the information that exists in your organization without you even knowing about it. Old files, forgotten email correspondence, system logs - all of these can contain sensitive information you're unaware of. And the problem? You can't protect what you don't know exists. The statistics are concerning: 75% of data created in the cloud in the last two years is "dark data". This means that most of your information is simply floating around without any protection. No wonder one in four organizations has already suffered a cloud data breach. The problem is further exacerbated by the shortage of cybersecurity vulnerability researchers and various cloud misconfiguration issues. The demand for cloud cybersecurity professionals, especially those specializing in cloud vulnerability research and DevSecOps, is skyrocketing, but the number of certified experts simply isn't keeping pace. Studies point to a gap of millions of unfilled cybersecurity positions worldwide, particularly in these specializations, as their training requires significant time and diverse skills.
There's a close and dangerous link between dark data and cyber vulnerabilities. Vulnerability researchers play a crucial role in scanning, analyzing, and identifying potential security breaches, including those aimed at stealing sensitive information hidden in dark data. The shortage of such researchers leaves organizations exposed to many risks inherent in unmanaged information. Not only are we unaware of the information we possess, but we also lack the ability to protect what we don't know exists - unaware of the needle in the haystack. Vulnerability researchers, if in higher supply, would develop advanced methods for scanning dark data and identifying potential risks. In their absence, this problem is particularly acute in the field of AI systems, which requires complex and multidisciplinary expertise. Thus, many organizations find themselves exposed, with too few human "gatekeepers" able to protect sensitive information. This situation creates a dangerous security gap, increasing the risk of breaches and data leaks from dark data.
Therefore, the most effective solution comes from the most obvious direction - the use of advanced AI technologies and machine learning, capable of automatically scanning, analyzing, and classifying vast amounts of information, as well as identifying complex relationships between different pieces of information and exposing risks 24/7 that the human eye might miss. Take MinerEye, for example, which has developed technology allowing organizations to quickly get answers to critical questions such as what personal information, sensitive business information, and customer data the organization has, where the data is located, who has access to it, and how quickly and easily access to it could be available to anyone. This technology automatically scans, indexes, analyzes, tags, and virtually classifies every piece of unstructured and dark information included in the organization's databases and automatically sends the client alerts with recommendations for action in cases of duplications or potential security breaches.
This way, you can not only strengthen defense but also preserve and manage the information itself. In large organizations that have already adopted such technologies, significant security risks that were not previously identified have been exposed. Beyond protection, proper handling and due respect for "Dark data" can turn it from a liability into an asset. Imagine discovering new business insights from information that was deeply buried in your computers; it's like finding a treasure in your backyard that you should worry about and maybe even care for. The main message is that we don't have the luxury of waiting. The shortage of vulnerability researchers and the increasing number of threats require us to adopt smart AI solutions urgently. Only then can we ensure the security of our information - even that which we don't yet know exists.
Dima Tatur is VP of Cyber Security at Commit.
