Gartner recently released its much-anticipated 2024 Hype Cycle for Data Security, and the spotlight is shining bright on Data Security Posture Management (DSPM). Described as having a "transformative" potential, DSPM is lauded for its ability to address long-standing data security challenges.
DSPM solutions are gaining traction to fill visibility gaps as companies rush to the cloud. Best of breed solutions provide coverage across multi-clouds and on-premises, providing a holistic approach that can become the authoritative inventory of data for an organization - and a useful up-to-date source of contextual detail to inform other security stack tools such as DLPs, CSPMs/CNAPPS, data catalogs, and more, enabling these to work more effectively. Learn more about this in our latest blog, Data: The Unifying Force Behind Disparate GRC Functions.
However, as with any emerging technology, Gartner also highlighted several obstacles that could hinder its widespread adoption. In this blog, we’ll dive into these obstacles, separating the legitimate concerns from those that shouldn't deter any organization from embracing DSPM—especially when using a comprehensive solution like Sentra.
Obstacle 1: Scanning the Entire Infrastructure for Data Can Take Days to Complete
This concern holds some truth, particularly for organizations managing petabytes of data. Full infrastructure scans can indeed take time. However, this doesn’t mean you're left twiddling your thumbs waiting for results. With Sentra, insights start flowing while the scan is still in progress. Our platform is designed to alert you to data vulnerabilities as they’re detected, ensuring you're never in the dark for long. So, while the scan might take days to finish, actionable insights are available much sooner. And scans for changes occur continuously so you’re always up to date.
Obstacle 2: Limited Integration with Security Controls for Remediation
Gartner pointed out that DSPM tools often integrate with a limited set of security controls, potentially complicating remediation efforts. While it’s true that each security solution prioritizes certain integrations, this is not a challenge unique to DSPM. Sentra, for instance, offers dozens of built-in integrations with popular ticketing systems and data remediation tools. Moreover, Sentra enables automated actions like auto-masking and revoking unauthorized access via platforms like Okta, seamlessly fitting into your existing workflow processes and enhancing your cloud security posture.
Obstacle 3: DSPM as a Function within Broader Data Security Suites
Another obstacle Gartner identified is that DSPM is sometimes offered merely as a function within a broader suite of data security offerings, which may not integrate well with other vendor products. This is a valid concern. Many cloud security platforms are introducing DSPM modules, but these often lack the discovery breadth and classification granularity needed for robust and accurate data security.
Sentra takes a different approach by going beyond surface-level vulnerabilities. Our platform uses advanced automatic grouping to create "Data Assets"—groups of files with similar structures, security postures, and business functions. This allows Sentra to reduce petabytes of cloud data into manageable data assets, fully scanning all data types daily without relying on random sampling. This level of detail and continuous monitoring is something many other solutions simply cannot match.
Obstacle 4: Inconsistent Product Capabilities Across Environments
Gartner also highlighted the varying capabilities of DSPM solutions, especially when it comes to mapping user access privileges and tracking data across different environments—on-premises, cloud services, and endpoints. While it’s true that DSPM solutions can differ in their abilities, the key is to choose a platform designed for multi-cloud and hybrid environments. Sentra is built precisely for this purpose, offering robust capabilities to identify and protect data across diverse environments (IaaS, PaaS, SaaS, and On-premises), ensuring consistent security and risk management no matter where your data resides.
Conclusion
While Gartner's 2024 Hype Cycle for Data Security outlines several obstacles to DSPM adoption, many of these challenges are either surmountable or less significant than they might first appear. With the right DSPM solution, organizations can effectively overcome these obstacles and harness the full transformative power of DSPM.
Curious about how Sentra can elevate your data security?
Daniel is the Data Team Lead at Sentra. He has nearly a decade of experience in engineering, and in the cybersecurity sector. He earned his BSc in Computer Science at NYU.
Subscribe
Latest Blog Posts
Ward Balcerzak
January 14, 2026
4
Min Read
The Real Business Value of DSPM: Why True ROI Goes Beyond Cost Savings
The Real Business Value of DSPM: Why True ROI Goes Beyond Cost Savings
As enterprises scale cloud usage and adopt AI, the value of Data Security Posture Management (DSPM) is no longer just about checking a tool category box. It’s about protecting what matters most: sensitive data that fuels modern business and AI workflows.
Traditional content on DSPM often focuses on cost components and deployment considerations. That’s useful, but incomplete. To truly justify DSPM to executives and boards, security leaders need a holistic, outcome-focused view that ties data risk reduction to measurable business impact.
In this blog, we unpack the real, measurable benefits of DSPM, beyond just cost savings, and explain how modern DSPM strategies deliver rapid value far beyond what most legacy tools promise.
1. Visibility Isn’t Enough - You Need Context
A common theme in DSPM discussions is that tools help you see where sensitive data lives. That’s important, but it’s only the first step. Real value comes from understanding context. Who can access the data, how it’s being used, and where risk exists in the wider security posture. Organizations that stop at discovery often struggle to prioritize risk and justify spend.
Modern DSPM solutions go further by:
Correlating data locations with access rights and usage patterns
Mapping sensitive data flows across cloud, SaaS, and hybrid environments
Detecting shadow data stores and unmanaged copies that silently increase exposure
Linking findings to business risk and compliance frameworks
This contextual intelligence drives better decisions and higher ROI because teams aren’t just counting sensitive data, they’re continuously governing it.
2. DSPM Saves Time and Shrinks Attack Surface Fast
One way DSPM delivers measurable business value is by streamlining functions that used to be manual, siloed, and slow:
Automated classification reduces manual tagging and human error
Policy enforcement reduces time spent reacting to audit requests
This translates into:
Faster compliance reporting
Shorter audit cycles
Rapid identification and remediation of critical risks
For security leaders, the speed of insight becomes a competitive advantage, especially in environments where data volumes grow daily and AI models can touch every corner of the enterprise.
3. Cost Benefits That Matter, but with Context
Lately I’m hearing many DSPM discussions break down cost components like scanning compute, licensing, operational expenses, and potential cloud savings. That’s a good start because DSPM can reduce cloud waste by identifying stale or redundant data, but it’s not the whole story.
Here’s where truly strategic DSPM differs:
Operational Efficiency
When DSPM tools automate discovery, classification, and risk scoring:
Teams spend less time on manual reports
Alert fatigue drops as noise is filtered
Engineers can focus on higher-value work
Breach Avoidance
Data breaches are expensive. According to industry studies, the average cost of a data breach runs into millions, far outweighing the cost of DSPM itself. A DSPM solution that prevents even one breach or major compliance failure pays for itself tenfold
Compliance as a Value Center
Rather than treating compliance as a cost center consider that:
DSPM reduces audit overhead
Provides automated evidence for frameworks like GDPR, HIPAA, PCI DSS
Improves confidence in reporting accuracy
That’s a measurable business benefit CFOs can appreciate and boards expect.
4. DSPM Reduces Risk Vector Multipliers Like AI
One benefit that’s often under-emphasized is how DSPM reduces risk vector multipliers, the factors that amplify risk exponentially beyond simple exposure counts.
In 2026 and beyond, AI systems are increasingly part of the risk profile. Modern DSPM help reduce the heightened risk from AI by:
Identifying where sensitive data intersects with AI training or inference pipelines
Governing how AI tools and assistants can access sensitive content
Providing risk context so teams can prevent data leakage into LLMs
This kind of data-centric, contextual, and continuous governance should be considered a requirement for secure AI adoption, no compromise.
5. Telling the DSPM ROI Story
The most convincing DSPM ROI stories aren’t spreadsheets, they’re narratives that align with business outcomes. The key to building a credible ROI case is connecting metrics, security impact, and business outcomes:
Metric
Security Impact
Business Outcome
Faster discovery & classification
Fewer blind spots
Reduced breach likelihood
Consistent governance enforcement
Fewer compliance issues
Lower audit cost
Contextual risk scoring
Better prioritization
Efficient resource allocation
AI governance
Controlled AI exposure
Safe innovation
By telling the story this way, security leaders can speak in terms the board and executives care about: risk reduction, compliance assurance, operational alignment, and controlled growth.
How to Evaluate DSPM for Real ROI
To capture tangible return, don’t evaluate DSPM solely on cost or feature checklists. Instead, test for:
1. Scalability Under Real Load
Can the tool discover and classify petabytes of data, including unstructured content, without degrading performance?
Beware of DSPM solutions that drive unexpected cloud expenses due to inefficient scanning or redundant data reads.
4. Integration With Enforcement Workflows
Visibility without action isn’t ROI. Your DSPM should feed DLP, IAM/CIEM, SIEM/SOAR, and compliance pipelines (ticketing, policy automation, alerts).
ROI Is a Journey, Not a Number
Costs matter, but value lives in context. DSPM is not just a cost center, it’s a force multiplier for secure cloud operations, AI readiness, compliance, and risk reduction. Instead of seeing DSPM as another tool, forward-looking teams view it as a fundamental decision support engine that changes how risk is measured, prioritized, and controlled.
Ready to See Real DSPM Value in Your Environment?
Download Sentra’s “DSPM Dirty Little Secrets” guide, a practical roadmap for evaluating DSPM with clarity, confidence, and production reality in mind.
Want a personalized walkthrough of how Sentra delivers measurable DSPM value? 👉 Request a demo
<blogcta-big>
Read More
Ofir Yehoshua
January 13, 2026
3
Min Read
Why Infrastructure Security Is Not Enough to Protect Sensitive Data
Why Infrastructure Security Is Not Enough to Protect Sensitive Data
For years, security programs have focused on protecting infrastructure: networks, servers, endpoints, and applications. That approach made sense when systems were static and data rarely moved. It’s no longer enough.
Recent breach data shows a consistent pattern. Organizations detect incidents, restore systems, and close tickets, yet remain unable to answer the most important question regulators and customers ask next:
Which specific sensitive datasets were accessed or exfiltrated?
Infrastructure security alone cannot answer that question.
Infrastructure Alerts Detect Events, Not Impact
Most security tooling is infrastructure-centric by design. SIEMs, EDRs, NDRs, and CSPM tools monitor hosts, processes, IPs, and configurations. When something abnormal happens, they generate alerts.
What they do not tell you is:
Which specific datasets were accessed
Whether those datasets contained PHI or PII
Whether sensitive data was copied, moved, or exfiltrated
Traditional tools monitor the "plumbing" (network traffic, server logs, etc.) While they can flag that a database was accessed by an unauthorized IP, they often cannot distinguish between an attacker downloading a public template or downloading a table containing 50,000 Social Security numbers. An alert is not the same as understanding the exposure of the data stored inside it. Without that context, incident response teams are forced to infer impact rather than determine it.
The “Did They Access the Data?” Problem
This gap becomes most visible during ransomware and extortion incidents.
In many cases:
Operations are restored from backups
Infrastructure is rebuilt
Attackers are removed from the environment
Yet organizations still cannot confirm whether sensitive data was accessed or exfiltrated during the dwell time.
Without data-level visibility:
Legal and compliance teams must assume worst-case exposure
Breach notifications expand unnecessarily
Regulatory penalties increase due to uncertainty, not necessarily damage
The inability to scope an incident accurately is not a tooling failure during the breach, it is a visibility failure that existed long before the breach occurred. Under regulations like GDPR or CCPA/CPRA, if an organization cannot prove that sensitive data wasn’t accessed during a breach, they are often legally required to notify all potentially affected parties. This ‘over-notification’ is costly and damaging to reputation.
Data Movement Is the Real Attack Surface
Modern environments are defined by constant data movement:
Cloud migrations
SaaS integrations
Analytics pipelines
AI and ML workflows
Each transition creates blind spots.
Legacy platforms awaiting migration often sit in a “wait state” with reduced monitoring. Data copied into cloud storage or fed into AI pipelines frequently loses lineage and classification context. Once lineage breaks, traditional controls no longer apply consistently. From an attacker’s perspective, these environments are ideal. From a defender’s perspective, they are blind spots.
Policies Are Not Proof
Most organizations can produce policies stating that sensitive data is encrypted, access-controlled, and monitored. Increasingly, regulators are moving from point-in-time audits to requiring continuous evidence of control.
Regulators are asking for evidence:
Where does PHI live right now?
Who or what can access it?
How do you know this hasn’t changed since the last audit?
Point-in-time audits cannot answer those questions. Neither can static documentation. Exposure and access drift continuously, especially in cloud and AI-driven environments.
Compliance depends on continuous control, not periodic attestation.
What Data-Centric Security Actually Requires
Accurately scoping breach impact and proving compliance requires security visibility that is anchored to the data itself, not the infrastructure surrounding it.
At a minimum, this means:
Continuous discovery and classification of sensitive data
End-to-end data lineage across cloud, SaaS, and migration states
Clear visibility into which identities, services, and AI tools can access specific datasets
Detection and response signals tied directly to sensitive data exposure and movement
This is the operational foundation of Data Security Posture Management (DSPM) and Data Detection and Response (DDR). These capabilities do not replace infrastructure security controls; they close the gap those controls leave behind by connecting security events to actual data impact.
This is the problem space Sentra was built to address.
Sentra provides continuous visibility into where sensitive data lives, how it moves, and who or what can access it, and ties security and compliance outcomes to that visibility. Without this layer, organizations are forced to infer breach impact and compliance posture instead of proving it.
Why Data-Centric Security Is Required for Modern Breach Response and Compliance
Infrastructure security can detect that an incident occurred, but it cannot determine which sensitive data was accessed, copied, or exfiltrated. Without data-level evidence, organizations cannot accurately scope breaches, contain risk, or prove compliance, regardless of how many alerts or controls are in place. Modern breach response and regulatory compliance require continuous visibility into sensitive data, its lineage, and its access paths. Infrastructure-only security models are no longer sufficient.
Want to see how Sentra provides complete visibility and control of sensitive data?
How to Prevent Data Breaches in Healthcare and Protect PHI
How to Prevent Data Breaches in Healthcare and Protect PHI
Preventing data breaches in healthcare is no longer just about stopping cyberattacks. In 2026, the greater challenge is maintaining continuous visibility into where protected health information (PHI) lives, how it is accessed, and how it is reused across modern healthcare environments governed by HIPAA compliance requirements.
PHI no longer resides in a single system or under the control of one team. It moves constantly between cloud platforms, electronic health record (EHR) systems, business associates, analytics environments, and AI tools used throughout healthcare operations. While this data sharing enables better patient care and operational efficiency, it also introduces new healthcare cybersecurity risks that traditional, perimeter-based security controls were never designed to manage.
From Perimeter Security to Data-Centric PHI Protection
Many of the most damaging healthcare data breaches in recent years have shared a common root cause:
limited visibility into sensitive data and unclear ownership across shared environments.
Over-permissioned identities, long-lived third-party access, and AI systems interacting with regulated data without proper governance can silently expand exposure until an incident forces disruptive containment measures. Protecting PHI in 2026 requires a data-centric approach to healthcare data security. Instead of focusing only on where data is stored, organizations must continuously understand what sensitive data exists, who can access it, and how that access changes over time. This shift is foundational to effective HIPAA compliance, resilient incident response, and the safe adoption of AI in healthcare.
The Importance of Data Security in Healthcare
Healthcare organizations continue to face disproportionate risk from data breaches, with incidents carrying significant financial, operational, and reputational consequences. Recent industry analyses show that healthcare remains the costliest industry for data breaches, with the average breach costing approximately $7.4 million globally in 2025 and exceeding $10 million per incident in the U.S., driven by regulatory penalties and prolonged recovery efforts.
The scale and complexity of healthcare breaches have also increased. As of late 2025, hundreds of large healthcare data breaches affecting tens of millions of individuals had already been reported in the U.S. alone, including incidents tied to shared infrastructure and third-party service providers. These events highlight how a single exposure can rapidly expand across interconnected healthcare ecosystems.
Importantly, many recent breaches are no longer caused solely by external attacks. Instead, they stem from internal access issues such as over-permissioned identities, misdirected data sharing, and long-lived third-party access, risks now amplified by analytics platforms and AI tools interacting directly with regulated data. As healthcare organizations continue to adopt new technologies, protecting PHI increasingly depends on controlling how sensitive data is accessed, shared, and reused over time, not just where it is stored.
Healthcare Cybersecurity Regulations & Standards
For healthcare organizations, it is especially crucial to protect patient data and follow industry rules. Transitioning to the cloud shouldn't disrupt compliance efforts. But staying on top of strict data privacy regulations adds another layer of complexity to managing healthcare data.
Below are some of the top healthcare cybersecurity regulations relevant to the industry.
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
HIPAA is pivotal in healthcare cybersecurity, mandating compliance for covered entities and business associates. It requires regular risk assessments and adherence to administrative, physical, and technical safeguards for electronic Protected Health Information (ePHI).
HIPAA, at its core, establishes national standards to protect sensitive patient health information from being disclosed without the patient's consent or knowledge. For leaders in healthcare data management, understanding the nuances of HIPAA's Titles and amendments is essential. Particularly relevant are Title II's (HIPAA Administrative Simplification), Privacy Rule, and Security Rule.
HHS 405(d)
HHS 405(d) regulations, under the Cybersecurity Act of 2015, establish voluntary guidelines for healthcare cybersecurity, embodied in the Healthcare Industry Cybersecurity Practices (HICP) framework. This framework covers email, endpoint protection, access management, and more.
Health Information Technology for Economic and Clinical Health (HITECH) Act
The HITECH Act, enacted in 2009, enhances HIPAA requirements, promoting the adoption of healthcare technology and imposing stricter penalties for HIPAA violations. It mandates annual cybersecurity audits and extends HIPAA regulations to business associates.
Payment Card Industry Data Security Standard (PCI DSS)
PCI DSS applies to healthcare organizations processing credit cards, ensuring the protection of cardholder data. Compliance is necessary for handling patient card information.
Quality System Regulation (QSR)
The Quality System Regulation (QSR), enforced by the FDA, focuses on securing medical devices, requiring measures like access prevention, risk management, and firmware updates. Proposed changes aim to align QSR with ISO 13485 standards.
Health Information Trust Alliance (HITRUST)
HITRUST, a global cybersecurity framework, aids healthcare organizations in aligning with HIPAA guidelines, offering guidance on various aspects including endpoint security, risk management, and physical security. Though not mandatory, HITRUST serves as a valuable resource for bolstering compliance efforts.
Preventing Data Breaches in Healthcare with Sentra
Sentra’s Data Security Posture Management (DSPM) automatically discovers and accurately classifies your sensitive patient data. By seamlessly building a well-organized data catalog, Sentra ensures all your patient data is secure, stored correctly and in compliance. The best part is, your data never leaves your environment.
Discover and Accurately Classify your High Risk Patient Data
Discover and accurately classify your high-risk patient data with ease using Sentra. Within minutes, Sentra empowers you to uncover and comprehend your Protected Health Information (PHI), spanning patient medical history, treatment plans, lab tests, radiology images, physician notes, and more.
Seamlessly build a well-organized data catalog, ensuring that all your high-risk patient data is securely stored and compliant. As a cloud-native solution, Sentra enables you to scale security across your entire data estate. Your cloud data remains within your environment, putting you in complete control of your sensitive data at all times.
Sentra Reduces Data Risks by Controlling Posture and Access
Sentra is your solution for reducing data risks and preventing data breaches by efficiently controlling posture and access. With Sentra, you can enforce security policies for sensitive data, receiving alerts to violations promptly. It detects which users have access to sensitive Protected Health Information (PHI), ensuring transparency and accountability. Additionally, Sentra helps you manage third-party access risks by offering varying levels of access to different providers. Achieve least privilege access by leveraging Sentra's continuous monitoring and tracking capabilities, which keep tabs on access keys and user identities. This ensures that each user has precisely the right access permissions, minimizing the risk of unauthorized data exposure.
Stay on Top of Healthcare Data Regulations with Sentra
Sentra’s Data Security Posture Management (DSPM) solution streamlines and automates the management of your regulated patient data, preparing you for significant security audits. Gain a comprehensive view of all sensitive patient data, allowing our platform to automatically identify compliance gaps for proactive and swift resolution.
Sentra Dashboard shows the issues grouped by compliance frameworks, such as HIPAA and what the compliance posture is
Easily translate your compliance requirements for HIPAA, GDPR, and HITECH into actionable rules and policies, receiving notifications when data is copied or moved between regions. With Sentra, running compliance reports becomes a breeze, providing you with all the necessary evidence, including sensitive data types, regulatory controls, and compliance status for relevant regulatory frameworks.
Conclusion: From Perimeter Security to Continuous Data Governance
Healthcare organizations can no longer rely on perimeter-based controls or periodic audits to prevent data breaches. As PHI spreads across cloud platforms, business associates, and AI-driven workflows, the risk is no longer confined to a single system, it’s embedded in how data is accessed, shared, and reused.
Protecting PHI in 2026 requires continuous visibility into sensitive data and the ability to govern it throughout its lifecycle. This means understanding what regulated data exists, who has access to it, and how that access changes over time - across internal teams, third parties, and AI systems. Without this level of insight, compliance with HIPAA and other healthcare regulations becomes reactive, and incident response becomes disruptive by default.
A data-centric security model allows healthcare organizations to reduce their breach impact, limit regulatory exposure, and adopt AI safely without compromising patient trust. By shifting from static controls to continuous data governance, security and compliance teams can move from guessing where PHI lives to managing it with confidence.
To learn more about how you can enhance your data security posture, schedule a demo with one of our data security experts.
<blogcta-big>
Read More
Expert Data Security Insights Straight to Your Inbox
What Should I Do Now:
1
Get the latest GigaOm DSPM Radar report - see why Sentra was named a Leader and Fast Mover in data security. Download now and stay ahead on securing sensitive data.
2
Sign up for a demo and learn how Sentra’s data security platform can uncover hidden risks, simplify compliance, and safeguard your sensitive data.
3
Follow us on LinkedIn, X (Twitter), and YouTube for actionable expert insights on how to strengthen your data security, build a successful DSPM program, and more!
.webp)
