Eureka Security today extended the reach of its data security posture management (DSPM) platform to include an ability to protect documents such as spreadsheets stored in file-sharing services such as Office 365, Google Drive, Box and Dropbox.

The company’s software-as-a-service (SaaS) platform is already being used to protect data stored in, for example, a data lake in the cloud. This extension makes it possible to use the same DSPM platform across multiple cloud services to identify where sensitive data is stored, what type of data it is, how it is managed, who and what has access to it and how that access is being invoked.

Eureka Security CEO Liat Hayun said DSPM platforms enable organizations to more granularly apply security policies based on the sensitivity of the data being stored. That approach allows organizations to more effectively manage cybersecurity based on the level of risk they face as data is stored in various cloud services, she noted. In addition, it provides a crucial auditing capability that many organizations still lack, added Hayun.

As regulations pertaining to how data is stored and accessed become more stringent, it’s only a matter of time before more organizations embrace a more data-centric approach to cybersecurity. Sadly, many organizations are still overinvested in network and endpoint security even as it becomes more apparent their data is vulnerable to cyberattacks that evade these defenses.

DSPM doesn’t eliminate the need for network and endpoint security, but it does provide a layer of more granular cybersecurity policies that can be applied to data based on its actual value to the business.

There is, of course, already no shortage of DSPM offerings. Organizations should evaluate them not just on their ability to provide insights into how data is being stored but also their ability to apply security policies within context, said Hayun. For example, data that is stored in a private cloud may not need the same level of controls applied to data residing in a publicly accessible file-sharing service, she noted.

As more data is stolen, it’s clear DSPM has become the last line of defense. It’s not possible, given the limited resources available, to protect all data equally, so cybersecurity teams need to focus on the data that, if compromised, represents the greatest risk to the organization. In the absence of that capability, any theft of credentials or infestation of malware can lead to massive amounts of data either being stolen outright or being encrypted by a ransomware attack. In effect, DSPM enables organizations to limit the scope of a data breach.

It’s not clear how quickly organizations are adopting DSPM, given the current level of economic uncertainty many of them face. The one thing that is certain is cybercriminal syndicates and nation-states have comparatively better access to unlimited resources that, with each passing day, they are honing to better target high-value data. The odds legacy platforms will be able to thwart those increasingly sophisticated attacks are, unfortunately, very slim indeed.