Cyber security education with data loss prevention technologies can help stop the insider threat

When knowledge is the best defense


 

There was a time when the average CSO’s top priority was to build a fortified wall around the company network. Lock hackers out, hold data in. Patch and reinforce continuously to keep systems, users, and IP safe.

 

Not anymore. In today’s security environment some of the most pernicious cyber threats are already inside the perimeter fence.

 

Hear ‘insider threat’ and you might assume we’re talking about rogue employees: cyber moles motivated by greed, malice, or revenge to steal sensitive information, sabotage IT systems, or corrupt important data. But just as worrying is the damage employees do unintentionally – through acts of simple negligence or careless error.

 

The Ponemon Institute estimates that data security breaches caused by insiders can cost the average business as much as $8.7 million per year. With the threat growing in both scale and complexity, it’s no surprise that more and more businesses are looking to their own people as a way to better protect systems and data.

 

The danger within

 

While Snowden-level events tend to drive discussion around insider threats, breaches enabled by negligent employees and suppliers actually pose a more persistent risk. With their access to systems and facilities, insiders have the power to steal IP, disrupt operations, damage reputation, and expose sensitive information to third parties.

 

Managing cybersecurity’s human element is a significant challenge. People make mistakes. One department can detect odd behavior on the network and fail to inform others. The number of ways data exfiltration can occur is expanding, and that multiplies the potential for both accidental and malicious breaches.

 

With the insider threat growing in both scale and complexity, it’s no surprise that more and more organizations are looking to create a culture of cybersecurity at work. Re-thinking how security training programs are structured and delivered has to be a cornerstone of that effort.

 

What can be done?

 

The first step to addressing insider threats is to evaluate how switched-on current employees are to cyber risks, and understand where the gaps are.

 

The next will be to obtain staff buy-in for new policies that encourage risk-aware behavior, through a program of positive training and coaching.  Better training is key to tackling the intentional and unintentional types of insider threats, both to make staff aware of their own actions and sensitize them to signals indicating adverse behavior in others.

 

In order to be effective, however, any training program has to take into account the diversity of human motivations. That can start by classifying the main categories of insider threats.

 

Insider threat categories:

 

  1. First are criminal acts by malicious insiders who steal data or commit other destructive acts for personal gain or financial reward. A Gartner study found that more than 60 percent of criminal insiders saw the activity as a kind of ‘side hustle’ to supplement their income.

  2. Next are breaches caused by negligence. These are the most common, and also the most difficult to catch. Employees appear to behave securely and to follow company policy, yet accidentally cause a breach. This could include clicking a phishing link or keeping proprietary data on insecure personal devices.

  3. The third type of insider threat is the disgruntled employee who seeks to steal sensitive information, damage systems, or corrupt data. The Gartner study found that, on average, 30 percent of employees took competitive information when leaving one job to start another.

  4. Finally, there are the non-responders to security training, a small but meaningful percentage of the workforce. While these employees may not exhibit negative behaviors, they are a serious concern as they can fall into consistent patterns of negligence.

 

Creating a culture of security awareness

 

To minimize the impact of insider threats, employees have to be aware of the behaviors that indicate a breach, but also know exactly what kinds of data are sensitive and who should have access to them.  Simply putting employees through a classroom course, having them sign a form, then calling the task complete yields very little of value.

 

Training has to be fortified with knowledge and systems that reinforce the value of company and customer information every day, as part of an employee’s regular duties. While staff training can help minimize accidental or negligent breaches, for the disgruntled or malicious insider, organizations should consider the added measure of security solutions like content-aware discovery, which uses proprietary machine learning and artificial intelligence tools to accurately find, categorize, and protect sensitive data based on corporate policy.

That can be backed up with data loss prevention (DLP) technologies that recognize when valuable data assets are being transmitted out of the organization, either via email, the network, cloud, or endpoints – even getting around attempts to hide sensitive files inside other file formats.
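
To illustrate the idea of inspecting content rather than file names, the following added example (not GTB's product code, and not from the original article) scans a file for payment card numbers and unpacks ZIP-based containers recursively, so a text file wrapped inside an archive renamed to `.docx` is still inspected. The card-number pattern, the limits `MAX_DEPTH` and `MAX_MEMBER_BYTES`, and the sample data are assumptions made for the example.

```python
import io
import re
import zipfile

# Candidate card numbers: 13-19 digits, optionally separated by spaces or dashes.
CARD_RE = re.compile(rb"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
MAX_DEPTH = 3                 # assumption: bound nesting on hostile archives
MAX_MEMBER_BYTES = 5_000_000  # assumption: skip members that expand too far


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def scan(data: bytes, path: str = "<root>", depth: int = 0) -> list:
    """Return (path, masked_number) findings, recursing into ZIP containers."""
    findings = []
    if depth < MAX_DEPTH and zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.is_dir() or info.file_size > MAX_MEMBER_BYTES:
                    continue
                findings += scan(zf.read(info), f"{path}/{info.filename}", depth + 1)
        return findings
    for m in CARD_RE.finditer(data):
        digits = re.sub(rb"\D", b"", m.group()).decode()
        if luhn_ok(digits):  # mask all but the last four digits in the finding
            findings.append((path, "*" * (len(digits) - 4) + digits[-4:]))
    return findings


def build_sample() -> bytes:
    """Constructed sample: a test card number zipped twice, plus a decoy."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as zf:
        zf.writestr("notes.txt", "customer card 4111 1111 1111 1111 exp 01/30")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as zf:
        zf.writestr("report.docx", inner.getvalue())  # archive posing as a document
        zf.writestr("readme.txt", "order id 1234 5678 9012 3456")  # fails Luhn
    return outer.getvalue()
```

Calling `scan(build_sample())` reports the card number under its full nested path and ignores the decoy; encrypted archive members and non-ZIP container formats are outside what this example handles.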

Harvard Business Review has said creating a culture of security awareness is the best cybersecurity investment a business can make.

 

Data Security that Works™

With the frequency of insider incidents on the rise, training and new technologies designed to address insider threats have to be the foundation of security awareness programs.  Embedding personal cyber sensitivity in staff and suppliers will go a long way to mitigating and containing incidents.  GTB’s DLP that Works solutions offer real-time in-action training so as to educate end-users on appropriate data usage.

Would you like to know more about DLP solutions from GTB? Why not get in touch with us today?

 

 

 


Visibility: Accurately discover sensitive data; detect and address broken business processes or insider threats, including sensitive data breach attempts.

Protection: Automate data protection, breach prevention, and incident response both on and off the network; for example, find and quarantine sensitive data within files exposed on user workstations, file shares, and cloud storage.

Notification: Alert users to violations to raise awareness and educate them about cybersecurity and corporate policies.

Education: Start targeted cybersecurity training; e.g., identify end-users violating policies and train them.

  • Employees and organizations have knowledge and control of the information leaving the organization, where it is being sent, and where it is being preserved.
  • Ability to allow user classification to give them influence in how the data they produce is controlled, which increases protection and end-user adoption.
  • Control your data across your entire domain in one Central Management Dashboard with Universal policies.
  • Many levels of control together with the ability to warn end-users of possible non-compliant, risky activities, protecting from malicious insiders and human error.
  • Full data discovery collection detects sensitive data anywhere it is stored, and provides strong classification, watermarking, and other controls.
  • Delivers full technical controls on who can copy what data, to what devices, what can be printed, and/or watermarked.
  • Integrate with GRC workflows.
  • Reduce the risk of fines and non-compliance.
  • Protect intellectual property and corporate assets.
  • Ensure compliance within industry, regulatory, and corporate policy.
  • Ability to enforce boundaries and control what types of sensitive information can flow where.
  • Control data flow to third parties and between business units.