How LeaksID affects employee behavior and encourages them to follow data security rules.
We sometimes have to deal with the opinion that even though the LeaksID system can detect malicious insiders, it does not protect from the data leaks because it cannot block any prohibited actions.
Our experience, however, has shown that this concern is unfounded. LeaksID can avert most potential leaks because of the preventive effect that impacts employee behavior. Here are some examples of how it works.
There are several solutions on the cybersecurity market whose primary goal is to block actions like sending documents by email or uploading them to removable media. Yet they are helpless if an insider would want to leak data through screenshots, photographs of the screen, or printouts. The number of such incidents is on the rise. Last year, 60% of companies in the US, UK, France, and Germany suffered from printout leaks.
Surprisingly, only 24% of cybersecurity experts believe that the focus should be on preventing rather than responding. In contrast, the research conducted by the Ponemon Institute and Deep Instinct shows that prevention strategies can save up to 82% of the costs associated with the cybersecurity lifecycle.
We also think that preventive measures are much more effective, and here’s why.
Prevention helps indeed
Here is one example we have direct knowledge of from our own experience: after the organizational change in a large telecom company, an anonymous insider started to post confidential information about its processes. The situation was complicated by the fact that the company employed thousands of people, hundreds of whom had access to confidential information. One of them managed to bypass all security systems by simply taking pictures of scanned documents with a smartphone. The insider was smart and accurate enough to stay uncovered. The insider was smart enough to remain uncovered.
The company decided that if it cannot identify the violator, it can at least stop the leaks. We integrated LeaksID technology at every level of the company’s infrastructure. It was later announced that the new data security system had been set up. Shortly after that, all data breaches stopped: apparently, the insider had decided that it was too risky.
Even though the insider avoided punishment for past leaks, it was more important that he or she stop causing damage to the company — both reputational and financial. From the moment LeaksID was integrated into the company’s security system, no further leaks occurred. So, the preventive method proved its effectiveness.
What the lack of preventive measures can lead to
To have an idea of the consequences if preventive data security measures are ignored, let us recall some famous incidents. In early 2014, Quentin Tarantino announced that the script of “The Hateful Eight” had been leaked. One hundred and forty-six pages were released shortly after the famous director sent the screenplay copies to the cast and crew.
One of the reasons this happened was an insufficient concern for script protection. Usually, all sensitive information in Hollywood is encrypted and tagged with unique marks. Some highly expensive projects even use advanced security systems. For the “White House Down” script, Roland Emmerich used holographic paper that made copying impossible. Many studios integrate special programs for storing scripts, which keep the text available only for a certain time or a limited number of views.
Unfortunately, in the case of “The Hateful Eight,” insufficient security measures were taken. Those who had the script claimed that not even watermarks or other standard Hollywood security measures had been used. The movie was released in December 2015; however, Quentin had to spend a pretty stressful few more months rewriting the script.
The above examples show that a conservative approach with a maximum restriction of information exchange is ineffective in many areas. In most cases, sharing sensitive data with colleagues and counterparties is necessary, which is when an approach that can detect the violator, in case of a data breach, is required. Eventually, this impacts the employee mindset, creating a culture of having a more responsible attitude toward working with corporate information. Thus, insider detection technology becomes a preventive measure that can stop data leaks.