Data-Centric Security and Privacy Engineering_ How

In 2025, security leaders stopped treating the network as the main boundary and started treating data as the perimeter. In this episode, we unpack what “data-centric security” really means with Can POLAT (15+ years in security & privacy engineering) and turn it into a practical roadmap: data classification and modern DLP, encryption across the full data lifecycle (at rest, in transit, and increasingly in use), confidential computing/secure enclaves, and the telemetry/observability you need to continuously watch how sensitive data is accessed and moved. We also explore how privacy engineering and privacy-by-design are converging with security under regulatory pressure—and why many organizations are building a single, unified “data protection” strategy instead of separate privacy and security programs. Key takeawaysStart with a data inventory + classification model before expecting DLP to be effective. Treat encryption as a baseline (rest + transit) and plan for “data in use” protection. Use telemetry + observability to detect abnormal data access and enable rapid containment. Follow a repeatable framework: inventory → access controls → protection → monitoring → incident response → continuous improvement.