Bitdefender Completes Acquisition of Horangi Cyber Security


Products +

Services +

Customers +

Partners +

Resources +

Understanding DSPM & CSPM for Optimal Data Security

On this episode, we had the opportunity to speak to Tyler Young, the CISO at BigID, a leading modern data security vendor that helps organizations with their data security, privacy, compliance, and governance.

In this episode, find out what key lessons Tyler learned as a newly-appointed CISO, how BigID helps organizations protect their data, and how he, as a CISO, thinks is the best way to implement and communicate security needs to various departments and people in an organization.

You'll also learn more about Data Security Posture Management, or DSPM, and how and why Identity Management is closely tied to Data Security.

Click on the image below to be taken to the podcast on YouTube, or listen to the episode on Spotify or Apple Podcasts.

Data Security Posture Management with Tyler Young, CISO of BigID

In the related blog below, we look at the functions of a DSPM and the similarities and differences between a DSPM and a CSPM such as Horangi Warden.

Understanding DSPM & CSPM for Optimal Data Security

Did you shop online last Christmas?

Were you concerned about how the online vendors stored and safeguarded your personal information? How safe are their defenses against breaches?

After all, personal information leaks are prevalent nowadays. For example, in January 2023, there were five significant data breaches just last month, including:

  • On 30 January 2023, British clothing retailer JD Sports reported that the personal information of as many as 10 million customers might have been compromised between November 2018 and October 2020.
  • MailChimp suffered a data breach just six months after its previous one. A threat actor was able to gain access to its systems through a social engineering attack and was then able to access data attached to 133 MailChimp accounts.
  • PayPal customers received a letter on January 18, 2023, claiming that “unauthorized parties” were able to access PayPal customer accounts using stolen login credentials on December 20, 2022.

Affected customers would have had information such as their names, addresses, phone numbers, and partial payment information stolen by a malicious actor.

How about you? How is your organization protecting not just the personal information of your customers but also that of your partners and employees?

Today, organizations store and process massive amounts of sensitive data, from financial to personal data. It, therefore, goes without saying that this information must be protected from cyber threats to ensure its confidentiality, integrity, and availability.

Two ways organizations can achieve this are by utilizing (1) a comprehensive Data Security Posture Management (DSPM) and (2) a Cloud Security Posture Management (CSPM).

What are the differences between a DSPM and a CSPM?

A Data Security Posture Management (DSPM) tool helps organizations manage their security posture by identifying and mitigating security threats to the data it holds, and is critical for organizations to ensure their data's confidentiality, integrity, and availability.

A DSPM assesses and monitors an organization's data security posture, identifying potential risks and vulnerabilities and putting controls in place to mitigate those risks.

A DSPM also helps organizations to comply with data protection regulations, such as GDPR and protects sensitive data, such as personal information and financial data.

On the other hand, a CSPM, or Cloud Security Posture Management, such as Horangi Warden, refers to the management of an organization’s cloud security posture, which includes the security measures and practices implemented by an organization to protect its data in the cloud.

This process involves identifying potential cloud security risks and vulnerabilities, implementing security controls to mitigate those risks, and continuously monitoring the security posture of the cloud environment.

To put it another way: the main difference between DSPM and CSPM is their focus.

A DSPM focuses on the overall security posture of an organization's data, regardless of where it's stored and processed. On the other hand, a CSPM focuses specifically on the security of data stored and processed in cloud environments.

Are there similarities between a DSPM and a CSPM?

Despite differences in their functions, a DSPM and CSPM share some similarities.

Both involve evaluating an organization's security posture, identifying potential risks and vulnerabilities, and implementing security controls to mitigate those risks. Both approaches are also critical for organizations to ensure the security of their data.

In addition, both contribute to your data security in several ways.

For example, a DSPM helps organizations to identify potential data security risks and vulnerabilities and put controls in place to mitigate those risks.

A CSPM helps your organization monitor and manage your cloud environments' security and ensures that your data is protected when it is stored, processed, and transmitted in the cloud.

When choosing between a DSPM and CSPM, the best option will depend on your organization's specific needs and requirements.

If your organization primarily stores and processes data on-premise, then DSPM is likely the most suitable option.

However, if your organization primarily uses cloud-based services to store and process data, then CSPM is likely the more appropriate choice.

Are CPSMs and DSPMs used for specific industries?

Not exactly.

It boils down to what they want to protect and where their data is stored.

DSPM and CSPM are used in many industries, including healthcare, financial services, government, and others that handle sensitive data. They are best suited for organizations that need to ensure the security of their data and meet regulatory compliance requirements.

For example, a financial services organization that handles sensitive customer information would benefit from DSPM. By implementing DSPM, the organization can continuously monitor the security posture of its data and identify potential vulnerabilities, helping to reduce the risk of data breaches and unauthorized access.

On the other hand, a healthcare organization that stores and processes patient information in the cloud would benefit from CSPM. By implementing CSPM, the organization can monitor and manage the security of its cloud environment, ensuring that patient data is protected against unauthorized access and breaches.


A DSPM and a CSPM are both critical components of data security that can significantly reduce the risk of data breaches and ensure your data is secure and protected, is only accessed by authorized people, and comply with data protection regulations.

The only significant difference is that while a DSPM protects data within your organization's network and infrastructure, a CSPM focuses on securing data stored and processed in the cloud.

You can use a combination of DSPM and CSPM to secure your data and ensure its confidentiality, integrity, and availability.

Ultimately, the best approach for your organization depends on your current security posture, potential risks, the type and nature of your data, and the infrastructure it uses.

Isaiah Chua

Isaiah Chua is a Content Marketing Manager at Horangi who is also the producer of the Ask A CISO podcast. He's an avid reader who can't get by a day without good music and gallons of coffee.

Subscribe to the Horangi Newsletter.

Be the first to hear about Horangi's upcoming webinars and events, up-and-coming cyber threats, new solutions, and the future of cybersecurity from our tech experts.