• Skip to primary navigation
  • Skip to main content

American Cyber Security Management

Secure and certify all your data and processes

  • LinkedIn
  • Twitter
  • YouTube
  • Services
    • Privacy
    • Security
    • ISO/IEC 27001:2022 Training & Certification
    • Secure DevOps
    • InfoSec Risk Management
    • Incident Response Planning
    • Artificial intelligence Readiness Offering
    • AppSec-as-a-Service
    • CISO As A Service
    • DPO As A Service
    • Security Monitoring
    • Security Operations
    • Awareness Training
  • Frameworks
    • CPA
    • CCPA/CPRA
    • GDPR
    • ISO 27001:2022
    • NIST 800-171
    • NIST 800-53
    • US Privacy Laws
  • News
  • Careers
    • DPO
    • CISO
  • Partners
  • About Us
    • Privacy Notice
    • Cookie Policy
  • Contact Us

It’s 10 pm. Do you know where your data is?

October 3, 2018 By American Cyber Security Management

GDPR. HIPAA. PCI. CCPA. As a business owner, it is your responsibility to make sure that your organization is in compliance with the ever-changing regulatory environment around data protection. It can be hard to keep up especially as you are designing and deploying new technology.

Where to start?

1) Know Your Data
The foundation of a data governance program is a complete data mapping that documents the life cycle of your company data. What data is being collected? Where is it being stored? Is data storage secure? Who is it being shared with? Is it necessary? How long do you need to retain it?

2) Classify Your Data
Once you have established an accurate mapping of all of the data that is traversing your company systems, create a data classification system that works for your organization.

Common classifications are:

  • Public
  • Internal – Confidential
  • Internal – Restricted

Of course, these classifications will vary depending on the nature of your business but this is a great place to start!
There are so many benefits of classifying your data, you can create policies and procedures around protected data, help employees to better understand the data that they are handling, utilize technology to help restrict accidental data leakage, and be better prepared in the event of a breach. The benefits are endless, ultimately data classification drives efficiency and reduces overall company risk.

3) Protect Your Data
Now that you are equipped with a data map of classified company data you are in a much better position to take on security vendors. The marketplace is full of technology reps selling the “best security technology”. As you navigate through the options you will be able to clearly communicate what your requirements are and not waste money on solutions that do not make sense.

ACSM can collaborate with you on these steps to building a strong data governance program. Our clients are always amazed at the data that we uncover once we start an assessment and grateful to be able to reduce unwanted risk.

In honor of Cyber Security Awareness Month, ACSM is offering all new clients that sign up in October a 10% discount on an initial assessment.

American Cyber Security Management (AmericanCSM.com) is focused on reducing your risk of data misuse. We do this through our Security, Privacy and DevOps offerings, delivered by seasoned experts.

Filed Under: Cyber Security News

  • ISSA
  • ISACA
  • ISC2
  • IAPP
  • CSA
  • CIS
  • Privacy Notice
  • Cookie Policy
  • Services
  • Frameworks
  • News
  • Careers
  • Partners
  • About Us
  • Contact Us

Copyright © 2025 American Cyber Security Management