How Natera safeguards AWS data with data security posture management (SEC222)

Nera's Cybersecurity Strategy and Data Protection Approach

About the Speaker

  • The speaker, who joined Nera in February 2022, has a background in cybersecurity, having previously worked at Puto Networks, Visa, and Copon.
  • Nera is a fast-growing bioinformatics company with around 5,000 employees worldwide, focused on DNA testing and early cancer detection using AI.

Cybersecurity Challenges

  • Nera handles a lot of healthcare data, which is a heavily regulated industry subject to GDPR, HIPAA, and other standards.
  • Protecting customer and patient information is a top priority for the company.
  • The increasing amount of data collected, stored, and processed across the enterprise (on-premises and in the cloud) has dramatically increased the attack surface, posing a significant challenge.
  • As a growing company, Nera has limited resources to protect all this data, so they need to prioritize and optimize their efforts.

Nera's Data Management and Protection Approach

  • Nera's architecture involves a global workforce accessing data on the AWS cloud, as well as data in SaaS platforms like Salesforce, Snowflake, and G Suite.
  • Data classification is a critical first step to understand the sensitivity and importance of different data sets, allowing them to focus protection efforts on the most critical information.
  • A key strategy is to reduce the number of sensitive data copies, particularly in non-production environments, to simplify data management and reduce costs.
  • Nera has leveraged BigID's data discovery and inventory capabilities to gain visibility into their data landscape across cloud and SaaS platforms.

Challenges Posed by AI

  • AI has introduced new challenges, as data is now the core enabler for many AI use cases, leading to increased data sharing and access requirements.
  • AI has also blurred the boundaries between fraud and traditional security attacks, with the emergence of AI-driven malicious actors like ChatGPT-facilitated attacks.
  • Nera needs to adapt their security practices to address these AI-driven changes in the threat landscape.

Outcomes and Future Vision

  • Nera has achieved several key outcomes through their efforts, including:
    • Reduced the number of data copies, simplifying data management and reducing costs.
    • Automated compliance and regulatory processes like data discovery and lineage.
    • Established a foundation for data governance and AI-driven security operations.
  • Nera sees the security landscape changing dramatically in the next 5 years, with tighter data regulations, AI-driven security assessments and anomaly detection, and the need for more advanced, revolutionary tools to keep up with the pace of change.
  • Nera is committed to collaborating with vendors like BigID to evolve their security and data protection capabilities to meet these future challenges.

Your Digital Journey deserves a great story.

Build one with us.

Cookies Icon

These cookies are used to collect information about how you interact with this website and allow us to remember you. We use this information to improve and customize your browsing experience, as well as for analytics.

If you decline, your information won’t be tracked when you visit this website. A single cookie will be used in your browser to remember your preference.

Talk to us