Operational data security: Automating control from risk to remediation

Security leaders today have far greater clarity into their data risk than in the past. Platforms like Cyera continuously discover sensitive data across hybrid estates, map user access, identify excessive or anomalous permissions, and govern risk reduction by orchestrating remediations. Organizations can now quantify exposure with precision — understanding not only where regulated data resides, but also who can reach it and who actually does.

Cyera already collaborates with NetApp to catalog all files stored in file shares, scan those files, and classify content that contains sensitive information. Using this capability, a customer recently scanned 82 million NetApp files in 40 days. Cyera links NetApp files to its identity-based access graph, providing visibility into which identities, human and non-human, can access each file.

AI adoption is accelerating the change in the way enterprise data is being consumed. Sensitive datasets move across snapshots, restores, analytics environments, and derivative copies. AI pipelines and automated workloads increasingly read directly from unstructured storage at scale. Access may be technically authorized, yet the context of use can shift as data propagates across environments.

This offers an opportunity for Cyera and NetApp to expand the collaboration to address this evolution directly. Cyera provides authoritative intelligence on sensitive data and exposure at enterprise scale, including for NetApp-managed infrastructure. At NetApp, we are investing in a storage-native security architecture that unifies sensitivity, lineage, identity context, and real-time storage-layer activity into a single decision fabric. By combining estate-wide data risk intelligence with contextual access evaluation, we aim to translate posture awareness into enforceable, operational control when data is accessed.

In large unstructured environments, the challenge is not only identifying sensitive data — it is understanding how access expands as data moves. Snapshots preserve permissions. Restores reintroduce legacy datasets. Analytics environments inherit broad group access. Identity sprawl and nested Access Control Lists (ACLs) compound over time. The result is an access surface that grows faster than most organizations realize.

Cyera provides the policy intent and enterprise-wide risk intelligence to identify conditions such as large groups with access to restricted data, stale identities retaining sensitive permissions, or anomalous download patterns. Those insights are essential. But applying them consistently across massive file estates requires deep, performant access context at the storage layer.

This is where NetApp’s position becomes strategic. By maintaining continuous visibility into identities, permissions, lineage, and high-scale storage telemetry, NetApp can help operationalize Cyera’s risk intelligence in unstructured environments where permissions and access activity are too large and too dynamic for periodic analysis. Such an integration could align Cyera’s enterprise risk model with storage-layer context so security teams get clearer ownership, faster response, and enforcement that reduces risk without disrupting legitimate workflows.

Cyera defines a consistent risk framework across environments to govern enterprise-wide data security. Its policies identify where sensitive data is broadly accessible, where identities retain permissions they should no longer have, and where access behavior deviates from established patterns. That enterprise-wide data security governance policy language creates clarity and consistency across vendors and data stores.

To operationalize those policies at scale, Cyera integrates natively with its partners to seamlessly obtain the additional context needed and enforce the policies to mitigate risk. At NetApp, we are investing in a data-centric security architecture that brings these relationships together into a continuously updated context model — connecting sensitivity, lineage, identity type, and storage-layer activity. By correlating Cyera’s risk intelligence with NetApp’s storage-native context, access can be evaluated in real time. The result is not a separate control plane but a unified decision fabric in which enterprise risk semantics inform in-path enforcement on NetApp-managed infrastructure.

When data risk intelligence and storage-layer context operate together, governance becomes operational. Exposure is not merely identified. It is evaluated at the moment access occurs.

If a large group retains access to restricted data, that condition can inform how subsequent access is evaluated. If an identity that has not previously interacted with sensitive content initiates high-volume reads, that behavior can be assessed in the context of both exposure policy and live activity. Decisions need not be blunt. They can be precise — gating high-risk bulk reads, throttling anomalous extraction patterns, or isolating only the derivative dataset that violates policy expectations.

This approach preserves legitimate production workflows while aligning access with defined governance intent. Cyera continues to define what constitutes risk across the enterprise. NetApp applies that intelligence at the point where data is consumed. Together, the objective is clear: not only to understand exposure, but to ensure that sensitive data is accessed in ways that consistently reflect enterprise policy — even as environments scale and evolve.

Discovery and classification provide clarity. Policy defines intent. But in environments where data is consumed directly from storage at machine scale, intent must be upheld where access happens.

This offers a strategic opportunity for Cyera and NetApp to expand its collaboration. Cyera will continue to provide the enterprise-wide understanding of sensitive data and exposure. NetApp will apply that intelligence within the data path on NetApp-managed infrastructure — aligning access decisions with defined policy in real time and reducing the gap between awareness and action.

As organizations scale AI, analytics, and automation across unstructured estates, the control point for governance cannot remain abstract. It must reside alongside the data itself. In this model, storage is no longer just infrastructure — it becomes the execution layer where enterprise data risk intelligence is translated into consistent, enforceable outcomes.

Explore more about AI data security at NetApp.