Cybersecurity issues became a priority for businesses in 2019. Curiously, employees are becoming the main threat to companies’ digital security today, according to the Verizon DBIR 2019 report. The good news is that technologies that are designed to protect companies from data breaches are evolving to forestall malicious perpetrators. This article examines what internal threats companies must be ready to cope with in 2020 and lists ways of doing so.
Many companies consider data breaches to be an external threat. In practice, however, companies’ employees are accountable for most data breaches. Globally, the number of data breaches caused by insiders has been growing and reached 34 percent in 2019. Yet this number may not accurately reflect the actual state of affairs. The known cases of data breaches are only the tip of the iceberg. Since data breaches that are perpetrated by insiders cause massive reputational damage, companies try to avoid making such stories public.
Live example: Cisco vs Wilson Chung
The following example demonstrates how this method applies in practice. Cisco System Inc. filed a lawsuit against three of its former senior employees, accusing them of stealing thousands of files containing confidential information. The stolen data later came to Cisco’s competitor’s possession. Cisco claimed that Wilson Chung, one of the company’s principal engineers, downloaded more than 3,000 documents containing commercial classified information before resigning from his position in the company.
Chung was also accused of recruiting another Cisco engineer, James He. Chung allegedly persuaded him to join a rival company.
Cisco maintains that He could bypass security protocols by using his iPhone to take the confidential documents' pictures.
The complaint was filed in federal court in San Jose, California.
How to protect your company from insider breaches?
For a long time, companies have been using Data Leak Prevention (DLP) technology, which monitors what file has been transferred where to protect corporate data. If an employee attempts to leak sensitive data via email or a removable hard drive, the system blocks the user’s suspicious action. It notifies the company’s security service about the illicit activity.
Yet, the DLP technology has several flaws. For example, the system may slow down a company workflow if it blocks a suspicious transfer of confidential data. In addition, though the DLP technology is an effective tool for analyzing incoming and outgoing traffic, it cannot protect companies against employees who leak data by photographing computer screens or printing out sensitive documents. Neither can the DLP system identify and pinpoint a specific breacher.
As the value of information increases, so do financial losses of companies if their confidential data is leaked. The average damage from a single insider data breach amounts to around $513,000 according to a study the Ponemon Institute conducted. It may take 69 to 197 days to detect and fix such a breach. Moreover, the longer it takes a company to identify the culprit, the more reputational and financial losses the breach causes. Therefore, companies need solutions that can detect breaches and help them identify the breaches’ sources quickly.
Information Leak Detection (ILD) systems constitute such a solution. They are also known as Leaks-ID in the United States. A system of this kind can detect and pinpoint a specific breacher. The ILD technology does so by creating individually marked copies of all files for each user. The system creates a new copy every time a document is modified. The ILD system is capable of creating trillions of unique copies of a single Word or Pages document. Even big companies that deal with large numbers of documents will find this solution sufficient.
A modified copy does not differ visually from the original, but every element of the file contains unique tags that the system uses to identify the sender and recipient of any given copy. In case sensitive information gets leaked to competitors, clients, or the mass media, a small fragment is sufficient to establish the source of the leak with 100 percent accuracy.
The ability to identify the source of a leak in case someone takes a screenshot of sensitive data or photographs a computer screen is one of the key advantages of the ILD system.
Many data leaks occur because the perpetrators firmly believe that it is impossible to trace the breach back to them. Informing employees about the introduction of ILD technology in your company will make it clear to everybody that a potential culprit will be identified and punished in case of a data breach. Communicating this to employees significantly reduces the chance of malicious leaks.
Introducing the VDR-system for a secure workflow
According to a Forbes forecast, up to 83 percent of corporate data will be stored on cloud services in 2020, yet cloud services are not the most secure way to store sensitive data. Therefore, cases of data leaks from cloud-based services grow every year. For example, in 2018, more than 70 percent of sensitive data was compromised, particularly because it was stored on cloud-based servers.
In 2019, Wyze confirmed that personal information of its 2.4 million clients became publicly available as a result of a data breach on its server. How did it happen? The company had copied some of the files and transferred those from its servers to a system that initially appeared to be a more convenient location for storing the data. The new location was initially well-protected. However, the confidential data suddenly became compromised when one of the Wyze employees had mistakenly deleted previous security protocols.
Virtual Data Room (VDR), a service that provides a high degree of protection against data breaches, can prevent such incidents. The VDR is a cloud-based service for storing and sharing data that provides its users with flexible access settings, checks files for malware, and marks them.
MarketsandMarkets forecasts that the market volume of virtual data rooms will reach $1.8 billion by 2022 and show an average growth rate of 14.8 percent.
When is the VDR system particularly useful?
It is especially useful for mergers and acquisitions, audits, preparations for an initial public offering (IPO), managing confidential information of public figures, and protecting innovations and intellectual property. Yet, this list is not exhaustive. The VDR system may be a solution for a company that requires a modern and comprehensive information security system.
Some may argue that the DLP, ILD, and VDR can be bypassed by simply copying the contents of sensitive data by hand using a pen and paper. Indeed, data can never be fully protected from breaches of any kind. Yet, one should not forget that sensitive corporate data is almost always too valuable for a potential buyer to solely rely on an insider’s word as opposed to convincing evidence such as scans or photos of documents.
This is where the modern security systems come into play to protect companies’ corporate data.