By Otavio Freire, CTO & Co-Founder at SafeGuard Cyber
Data, the saying goes, is the new oil. This probably understates the case: Not only is data at the core of the biggest businesses on earth but unlike oil, more and more of it is being created, at an exponential pace. Around 2.5 quintillion bytes of new data every day, to be precise.
The most valuable forms of data exist within enterprises. Customer data, financial data, intellectual property – today, companies across industries live or die on the value and integrity of their data. A single successful phishing attack could spell disaster. However, the speed and volume at which data is transferred and exchanged, and at which digital interactions occur, presents a serious control problem.
As every CISO knows, data loss prevention (DLP) is critical to protecting the organization. However, the threat surface is larger than ever – especially in the wake of a wholesale shift to virtual workspaces, and an accompanying rise in cyber attacks. What are the important things to know about the current DLP landscape? And how can organizations protect themselves?
The Dangers of Cloud Channels
Most IT and security professionals know that with great data comes great risk. 59% of IT and security professionals cite data loss as “one of the risks of greatest concern in digital technologies.”
One of the key factors in DLP risk is third-party cloud channels that are now a ubiquitous feature of the modern office:
- Collaboration platforms like Microsoft Teams and Slack – used by the entire organization for daily operations.
- Social media platforms, like Facebook, Twitter, and LinkedIn – used by marketing teams and executives for brand building.
- Messaging apps, like WeChat and WhatsApp – used by sales teams, customer support, and many other teams.
Here’s the challenge: these channels escape traditional security protocols. They exist outside the security perimeter, and they lack the multi-billion dollar security industry that email enjoys.
Moreover, the rapid shift to virtual offices has exacerbated the situation. According to a report, about 57% of the workforce are working from home right now, and employers expect nearly 40% of employees will remain working remotely by the end of 2021. Home offices are notoriously insecure. This is one reason why, over the past year, 74% of US organizations have experienced a successful phishing attack. That’s a 14% increase on the previous year.
Principles for a DLP Program
CISOs understand these risks. In a recent survey, we asked 600 senior enterprise IT and security professionals to see how they rate their current security and compliance risks. One of the top five primary risk concerns for executives is data loss. Furthermore, 70% are most concerned about the brand and reputation damage that such threats would bring, followed by potential risk to shareholder value (52%) and loss of revenue (42%).
These statistics speak for themselves: enterprises want and need to implement data loss prevention technologies that go beyond a Band-Aid fix. Why? Because many DLP solutions and programs fail to offer “true prevention” at all. Instead, they offer the cyber version of closing the barn door once the horse has already bolted. These services often only help in finding or recovering sensitive data which, by the time it’s been found and recovered, has already made its way to the deep, dark web.
To implement a DLP program that offers true prevention, enterprises need to do the following:
- Define your DLP strategy’s objectives
Talk to your stakeholders and gather their input to help you define your policies and objectives, and determine:
- Which sensitive data you hold, where they are stored, and the order of prioritization;
- Who accesses/is responsible for that particular data set;
- The acceptable uses of that data set;
- Where it’s allowed to go, and where it’s not;
- How responsibility is assumed when a violation happens.
Once these are clear, charter a DLP program structure to ensure order, accountability, and stakeholder buy-in.
2. Secure “prevention” technologies, not just “cures”.
As I said, most data loss prevention companies don’t differentiate data loss prevention from loss remediation. My advice: Find an effective DLP tool that allows you to:
- Gain visibility across all your cloud channels, while maintaining privacy.
- Implement powers of detection against cyber attacks and threats.
- Automate detection and quarantine of messages, attachments, and documents with sensitive data, as well as the resolution process.
- Limitlessly scale your DLP program to accommodate the growing amount and speed of data going through your channels.
3. Educate employees and executives alike.
Verizon reports human error accounts for nearly 25% of all breaches. Even with an automated DLP platform, educating your stakeholders and employees on your DLP strategy ensures maximum protection and accountability.
4. Do not “set and forget”.
Regularly schedule audits of your DLP program. Conduct red team exercises to ensure that your program is still in working condition. Continuous monitoring, evaluation, and refinement of your DLP process are essential.
With these best practices, companies can greatly improve their DLP strategy and significantly reduce their digital risk surface. And in these troubled times, that is a level of security that ensures a company’s resilience.
About the Author
As the President, CTO, and Co-Founder of SafeGuard Cyber, Otavio Freire is responsible for the development and continuous innovation of SafeGuard Cyber’s enterprise platform, which enables global enterprise customers to extend cyber protection to social media and digital channels. He has rich experience in social media applications, Internet commerce, and IT serving the pharmaceutical, financial services, high-tech, and government verticals. Mr. Freire has a BS in Civil Engineering, an MS in Management Information Systems, and an MBA from the University of Virginia Darden School of Business, where he currently serves as a visiting executive lecturer. To learn more about SafeGuard Cyber, visit the website at http://www.safeguardcyber.com/.