# Data Management Data Management is an [[Foundational Capabilities|Information Technology]] capability that [[Cybersecurity]] capabilities directly depend on. Data Management involves the practices, architectural techniques, and tools to achieve consistent access to and delivery of data across the spectrum of data subject areas and data structure types in an organization. ## Map ``` mermaid <!-- element style="width:90%; height:auto" --> graph TD subgraph two[Foundational] subgraph subPadding1[ ] direction LR F[Application Management] G[Asset Management] H[Backup and Recovery] I[Code Management] J[Data Management] K[Device Management] L[Domain Management] M[Email Management] N[Identity and Access Management] O[Log Management] P[Network Management] Q[Policy Automation] R[Stream Processing] S[Third Party Management] T[Training] F ~~~ G G ~~~ H H ~~~ I I ~~~ J K ~~~ L L ~~~ M M ~~~ N N ~~~ O P ~~~ Q Q ~~~ R R ~~~ S S ~~~ T end end %% Class Definitions %% ===================== class two subPadding; classDef subPadding fill:none,font-size:20px; class subPadding1,subPadding2 subgraph_padding; classDef subgraph_padding stroke:none,fill:none,margin:0; class F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T internal-link,font-color:white; class Top cssClassL0; classDef cssClassL0 fill:black,stroke:#333,stroke-width:4px,font-size:15px,font-color:white; class A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P,Q,R,S,T cssClassL1; classDef cssClassL1 fill:gray,stroke:#333,stroke-width:0px,font-size:15px,font-color:white; class J cssClassCurrent; classDef cssClassCurrent fill:#2f9503,stroke:#2f9503,stroke-width:4px,font-size:15px,font-color:white; ``` ## Definition >[!cm-definition] Definition  >**Data Management** is the capability of managing data as a valuable resource to unlock its potential for the organization, ensuring its availability, reliability, and security throughout its lifecycle. ## Maturity Model The maturity of data management from a cybersecurity perspective is driven by its readiness in achieving the organization’s data protection and utilization goals. | | Stage 1 | Stage 2 | Stage 3 | Stage 4 | Stage 5 | | ------------- | -------------------------------------------------------------------------------------- | ---------------------------------------------------------------------- | ------------------------------------------ | ----------------------------------------------- | ----------------------------------------------- | | | ***Ability to Respond, Fix, and Restore*** | ***Ability to Plan, Protect, and Monitor*** | ***Ability to Build, Verify, and Defend*** | ***Ability to Strategize, Refine, and Triage*** | ***Ability to Predict, Optimize, and Improve*** | | **Category** | Data Backup<br><br>Data Inventory<br><br>Data Recovery | Data Encryption<br><br>Data Lifecycle<br><br>Data Monitoring | | | | | **Dependent** | [[Asset Restoration]]<br><br>[[Incident Management]]<br><br>[[Remediation Management]] | [[Alert Correlation]]<br><br>[[Allow Listing]]<br><br>[[Deny Listing]] | | | | ## Requirements The requirements for Data Management span across all data for the organization. | Category | Guidance | Dependent Capability | Adversary Persona | | ---------------------- | ------------------------------------------------ | ---------------------------------------- | -------------------------------------------- | | Data Catalog | + Document all data types and storage locations. | [[Data Decoys]]<br><br>[[Data Tainting]] | [[Extortion]]<br><br>[[Insider Threat]] | | Data Classification | | | [[Insider Threat]] | | Data Disposal | | | [[Insider Threat]] | | Data Encryption | | | [[Insider Threat]]<br><br>[[Script Kiddies]] | | Data Handling | | | [[Insider Threat]] | | Data Labeling | | | [[Insider Threat]] | | Data Schema Management | | | [[Insider Threat]] | ## Metrics >[!cm-metric] Metric: [[Total Number of Policy Violations]] >[!cm-metric] Metric: [[Policy Violation Rate]] >[!cm-metric] Metric: [[False Positive Rate]] >[!cm-metric] Metric: [[Data Leakage Rate]] >[!cm-metric] Metric: [[Mean Time to Respond]] >[!cm-metric] Metric: [[Ratio of BYOD vs. Company Issued Devices]] >[!cm-metric] Metric: [[Mean Time to Contain]] >[!cm-metric] Metric: [[% of Incidents that were predictable]] ## Inspiration & Resources + https://cybersecurity-magazine.com/data-loss-prevention-metrics-measuring-the-effectiveness-of-your-dlp-program/ ## Release Notes + [[WIP - Q3 2024 Release#Document Foundational Capabilities and Develop Templates for sub-pages]] ## [Cyber City Map](https://cybercitymap.com/) © 2023-2024 by [ThirdScore, Inc.](https://thirdscore.com/) All Rights Reserved.