Data is widely recognised as the new oil, and the Insider Threat is widely recognised as the biggest threat to this asset, often referred to as the enterprise's crown jewels. The loss of enterprise data has many ramifications, from financial penalties for non-compliance to a potential loss of competitiveness when an organisation's secret sauce is made public, not to mention the cost of dealing with the legal fallout.
The greatest Insider Threat actor, reportedly responsible for 98% of data breaches, is end user error. An often-missed cost is that of the Insider who inadvertently shares data with the wrong person, sometimes leading to a very costly and public shaming of the organisation, but ultimately resulting in the employee losing their position, with the ensuing recruitment and training costs that this entails. I have long stated that there is also a potential for employees to hold an enterprise responsible for not providing the necessary tools to protect an employee in their role. I am sure we will start to see more of this within employment tribunals, but that is another matter.
Data comes in many different guises, from customer lists and Payment Card Information (PCI) through to intellectual property in a variety of forms and locations, both structured and unstructured. Data in a database is structured until it is exported, at which point it becomes unstructured; most people forget this aspect.
Protecting data from insider threat is always going to be a challenge as the very people that we wish to protect our enterprise assets from are the very same people who need access to this data as part of their day-to-day workflow.
De-perimeterisation is another challenge, as we now also need to protect our data both inside the enterprise network and across a variety of enterprise-authorised applications, on premise and in the cloud, not to mention on a variety of devices.
Traditional methods for data security are found in often clunky appliance-based DLP solutions, referred to by Gartner as Enterprise solutions, that monitor data flows but allow for little or no end user interaction. These incumbents are trying to retrofit these essentially network-based solutions to work in an increasingly cloud-based society.
Looking at the needs of today's enterprise, we can identify a variety of requirements. Solutions need to be able to discover sensitive data on PCs, laptops and servers within the enterprise on an ongoing basis: if you don't know where your data resides, how can you protect it?
One of the biggest problems with current data discovery solutions is the lack of context in reports when sensitive data is found. This is a major problem for the security analyst, who is dealing with potentially thousands of matches but has no ability to view the data in context. Context, in what is ultimately a human-centric solution, is very important: users have a day job, and both end users and security personnel need to be able to remediate quickly when sensitive data is found.
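To illustrate what "reporting in context" means for a discovery scan, here is an added example written for this article (not Ascema or any GeoLang code). It scans a constructed CSV export of a customer table, the structured-data-turned-unstructured case mentioned above, for 16-digit card numbers, applies a Luhn check to discard numbers that merely look like card numbers, and reports each hit with only the last four digits plus the surrounding text so an analyst can triage without opening the file.

```python
import re
from dataclasses import dataclass

# Constructed sample: a CSV export of a customer table that now sits as an
# unstructured file on a laptop. Card numbers are well-known test values.
SAMPLE_EXPORT = """customer_id,name,card_number,notes
1001,Alice Example,4111111111111111,renewal due
1002,Bob Example,1234567812345678,order ref 5555
1003,Carol Example,5500000000000004,called re invoice
"""

# Candidate: exactly 16 digits not embedded in a longer digit run.
PAN_RE = re.compile(r"(?<!\d)\d{16}(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn check: filters out 16-digit strings that cannot be card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

@dataclass
class Finding:
    source: str
    line_no: int
    masked: str      # only the last four digits are reported, never the full PAN
    context: str     # surrounding text, with the PAN itself blanked out

def discover_pans(text: str, source: str, window: int = 20) -> list[Finding]:
    """Return one Finding per Luhn-valid 16-digit number, with a context snippet."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for m in PAN_RE.finditer(line):
            pan = m.group()
            if not luhn_ok(pan):
                continue
            start, end = m.start(), m.end()
            ctx = line[max(0, start - window):start] + "****" + line[end:end + window]
            findings.append(Finding(source, line_no, "*" * 12 + pan[-4:], ctx))
    return findings

if __name__ == "__main__":
    for f in discover_pans(SAMPLE_EXPORT, "customers_export.csv"):
        print(f"{f.source}:{f.line_no} {f.masked} | {f.context}")
```

Line 3 of the sample is deliberately a 16-digit number that fails the Luhn check, so it does not appear in the report; a real deployment would add further validators (issuer prefixes, other data types) in the same shape.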
Being able to automatically inform the end user that sensitive data has been found on their PC or laptop, and what that data is, whilst offering a highly automated route to remediation with an element of end user training, is a must for regulatory compliance. So is the ability to build repositories for servicing Subject Access or Freedom of Information Requests and, increasingly, for performing early-stage legal eDiscovery as Europe moves to a litigation-based society akin to the US.
Monitoring the real-time movement of sensitive data to cloud sync folders, to shared repositories (whether internal or external) and to removable devices such as USB drives is a powerful way not only to maintain compliance but also to assist in educating, training and, in a minority of situations, deterring end users with regard to appropriate behaviour.
Locking your enterprise down to authorised applications is the key to providing enterprise-centric, real-time Data Loss Prevention and classification across cloud applications and email via event-based solutions, as opposed to network-based appliances. A significant advantage of this approach is both the cost saving and the fact that no network latency is introduced.
The answer to today's data security can be found not in just one tool but in a suite of tools. GeoLang's Ascema platform provides a suite of tools that offer powerful data discovery, end user education and training, reporting in context, and real-time, content-level Data Loss Prevention in the cloud and on premise. Affordable and deployed in minutes, not the weeks and months of traditional solutions, Ascema includes an automated Classification capability powered by machine learning algorithms that provides a next-generation, context-driven data protection and compliance solution whatever the size of your organisation.
Taking a wider perspective, digital resilience is now a Board-level concern, as reported by the Shearwater Group plc in their white paper entitled "Digital Resilience – Understanding Challenges to Resilience in Digital Environments". However, an overwhelming majority of organisations remain ill-prepared, with many simply lacking the insight, knowledge and resources to achieve digital resilience in terms of compliance, continued and future competitiveness, and organisational growth. According to the UK's Information Commissioner's Office (ICO), 91% of organisations are still unable to fulfil their obligations in terms of reporting data breaches. This is a clear indicator that UK PLC remains unprepared when it comes to regulatory requirements and compliance. Simply put, 91% of businesses are still risking 4% of their annual turnover for non-compliance with regulatory requirements. A lack of resources and knowledge is seen as a significant barrier to digital resilience, and this is impacting timelines to meet Board directives. GeoLang and our parent company, the Shearwater Group plc, recognise this risk and have assembled a digital resilience platform of resources and solutions that can take the heavy lifting out of digital resilience and compliance. Those organisations that recognise the need for expert support in achieving digital resilience will be the same organisations that continue to operate and grow in an increasingly regulated digital economy.
Dr Debbie Garside
With a PhD in Computer Science, Debbie is CEO of GeoLang Ltd, part of the Shearwater Group plc, and is a well-known and published expert in cyber security and digital resilience.
GeoLang is a UK-based digital resilience and cyber security solution provider whose award-winning Ascema platform provides an elegant and simple next-generation Data Discovery, Data Loss Prevention and automated classification solution. With the unique ability to protect, detect and remediate at a True Content level on premise, in the cloud and beyond in real time, organisations can now gain real value from open collaboration, business process management and information sharing without the fear of losing control of their high-value information. The Shearwater Group plc also includes the following award-winning British solution providers: Brookcourt Solutions, SecurEnvoy and Xcina.