Page 36 - Cyber Defense eMagazine forJune 2021
P. 36

The Dangers of Cloud Channels

            Most IT and security professionals know that with great data comes great risk. 59% of IT and security
            professionals cite data loss as “one of the risks of greatest concern in digital technologies.”

            One of the key factors in DLP risk is third-party cloud channels that are now a ubiquitous feature of the
            modern office:
               ●  Collaboration platforms like Microsoft Teams and Slack – used by the entire organization for daily
                   operations.
               ●  Social media platforms, like Facebook, Twitter, and LinkedIn – used by marketing teams and
                   executives for brand building.
               ●  Messaging apps, like WeChat and WhatsApp – used by sales teams, customer support, and
                   many other teams.

            Here’s the challenge: these channels escape traditional security protocols. They exist outside the
            security perimeter, and they lack the multi-billion dollar security industry that email enjoys.

            Moreover, the rapid shift to virtual offices has exacerbated the situation. According to a report, about 57%
            of the workforce are working from home right now, and employers expect nearly 40% of employees will
            remain working remotely by the end of 2021. Home offices are notoriously insecure. This is one reason
            why, over the past year, 74% of US organizations have experienced a successful phishing attack.
            That’s a 14% increase on the previous year.


            Principles for a DLP Program

            CISOs  understand  these  risks.  In  a  recent  survey,  we  asked  600  senior  enterprise  IT  and  security
            professionals to see how they rate their current security and compliance risks. One of the top five primary
            risk concerns for executives is data loss. Furthermore, 70% are most concerned about the brand and
            reputation damage that such threats would bring, followed by potential risk to shareholder value (52%)
            and loss of revenue (42%).

            These statistics speak for themselves: enterprises want and need to implement data  loss prevention
            technologies that go beyond a Band-Aid fix. Why? Because many DLP solutions and programs fail to
            offer “true prevention” at all. Instead, they offer the cyber version of closing the barn door once the horse
            has already bolted. These services often only help in finding or recovering sensitive data which, by the
            time it’s been found and recovered, has already made its way to the deep, dark web.

            To implement a DLP program that offers true prevention, enterprises need to do the following:

               1.  Define your DLP strategy's objectives

                   Talk to your stakeholders and gather their input to help you define your policies and objectives,
                   and determine:








            Cyber Defense eMagazine – June 2021 Edition                                                                                                                                                                                                36
            Copyright © 2021, Cyber Defense Magazine.  All rights reserved worldwide.
   31   32   33   34   35   36   37   38   39   40   41