Page 118 - Cyber Defense eMagazine January 2023
P. 118
Last summer, hackers breached Electronic Arts (EA), a digital interactive entertainment company, using
collaboration technology as a gateway to gain access and passwords. Insider activity is also a
concern, as we saw in the case of the Google executive charged with stealing trade secrets.
In fact, 82% of data breaches involved a human element, according to Verizon’s 2022 Data Breach
Investigations Report. The latest data security breaches highlight both the insecurity of collaboration tools
and the human element behind these incidents. Compounding this situation further is the fact that most
organizations are still grappling with a significant security skills gap; they’re understaffed and the staff
they do have is often undertrained.
Staying secure while promoting seamless collaboration
For some older, more legacy companies, it’s tempting to avoid such risk by restricting or even blocking
the use of these collaboration tools – but they do so at the cost of limiting business. They might be a little
more secure, but they’re creating friction, hampering communication and slowing the company down. In
today’s competitive landscape, slower isn’t an option. It’s also not a panacea; employees will find ways
to share information needed to do their jobs, whether it’s sanctioned or not. The best option is to find a
way to allow data sharing in a secure way.
Organizations today are using an average of 80 IT-sanctioned SaaS apps – and that number is growing.
That doesn’t count all the SaaS apps employees may be using on their own without getting IT’s blessing
(shadow IT). Securing each and every one isn’t feasible; you have to focus on securing the collaboration
channels where data is being moved back and forth, such as GDrive, OneDrive, or Slack.
This is a challenge. These tools are still very new; for many companies, adoption was as recent as the
start of the pandemic. They’re still adjusting – and so are the bad guys, although they’re quickly
discovering the potential opportunities these tools pose for them.
Context is key
The same old security tools used for the old way of working won’t suffice because this new way of working
is far more distributed. Manually classifying the data and applying static policies is also unwieldy; you
wind up with a lot of noise and a high rate of false positives.
Here’s an example: As opposed to an old system that might send an immediate alert that an employee
has sent sensitive information and immediately block it, with newer collaboration security tools, you can
gain additional context. Now you know the employee is a patent attorney who sent a patent to his
colleague, a contractor also working on other patents and working in the same patents Slack channel –
an activity that is justified.
Static rules, such as in the legacy data security tools, create a lot of noise and false positives. The only
way to solve this problem of collaboration security is to have contextual understanding of the “why” behind
every action. Without that, you can’t effectively solve the problem.
Then, because it’s impossible to do this manually, you need a dynamically updated set of rules that will
ensure very low noise and accurate detection of risky data access and leakage. There are now tools
available that use AI to automatically map the sensitive information in your collaboration challenges and
apply business context to every action in every channel. By understanding the connection between
Cyber Defense eMagazine – January 2023 Edition 118
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.
