Into the Breach
With more than 3.67 billion data records lost or stolen world-wide, there is greater responsibility than ever before on MENA’s CISOs and CIOs to ensure the security of their organizations. Data theft and cyber security - once obscure concepts that were restricted to the IT departments at large corporations have become common topics of discussion in recent years. Since 2013, more than 3.67 billion records have been lost or stolen worldwide - with almost 233.5 million in December 2015 alone, according to a report by Breach Level Index. This threat has grown increasingly global, with companies in the MENA region also now at risk.
That means it is now more critical than ever before for public and private sector organizations around the world to boost their system capabilities to protect against data loss and ensure consumers remain confident while sharing personal information online. According to a Data Breach Investigations Report from Verizon Communications, the cost of a breach of 100records can range from $18,000 to $555,000. Often the culprits are careless or malicious employees who have stolen or simply lost private records -far from the popular image of sophisticated menacing hackers lurking in the shadows. Against this backdrop, the responsibility resting on the shoulders of Chief Information Officers and Chief Information Security Officers (CISOs) now weighs heavier than ever.
And this is where Data Loss Prevention (DLP) technologies come into play. But, for the successful implementation of these technologies, an organization must have a clear idea both of the threats they face and, vitally, how DLP technologies can be properly implemented to protect against them. In simple terms, DLP solutions are designed to protect data against attempts to copy and/or send it to unauthorized entities. These solutions fall into two categories: Those focused on preventing loss from data in motion and those that protect data at rest or in use.
Meanwhile, a growing number of hardware and software vendors are seeking to secure a share of the DLP market - one that research firm Markets and Markets predicts will grow to an annual figure of $2.64 billion by 2020, up from $0.96 billion in 2015. However, despite the increasing scale and sophistication of the DLP solution landscape and the existence of skilled information security officers, combating data loss remains fraught with challenges. From demands and weaknesses relating to information security governance to understanding data flows and addressing the lack of information, data loss protection can seem an insurmountable task. However, if suitably armed with knowledge and a solid plan, the objective should be within reach.
The following steps are designed to help set organizations on the right track to security:
Create a Plan
Today’s DLP landscape is rife with marketing materials that are masquerading as industry insights, and one-sided opinions that can cloud judgment. As a result, organizations can find themselves entering into a sea of DLP solutions for which they are unprepared.
This means that companies must understand their technologies and the nature of their problems to determine the action required-DLP solutions may not even be the answer. Companies must then develop a clear plan that can evaluate the scope of the threats they face and the most effective way to minimize them. Here, alignment with the organizationwide information governance program is critical. Proper planning and governance can help set the rules for any security solution while ensuring clear objectives and criteria for evaluation.
Know your Data
DLP solutions are designed to crawl through the network using agents to identify structured and unstructured data in a process called fingerprinting. While this is a valuable and time saving feature, it is not necessarily failsafe and can present risks: in the absence of manual processes, sensitive data could be overlooked. Therefore, before embarking on the implementation of a DLP solution, organizing and classifying data’s an important first step. If this is done successfully, determining what type of data requires protection-and thus what solution is required-will become a smoother exercise.
Understand the Options
Different DLP solutions come with different capabilities. While many focus on providing endpoint protection for mobile devices, laptops, or other user systems, some protect data at rest, securing databases and online storage while monitoring for data being downloaded or transferred. Meanwhile, other solutions monitor network traffic to protect data in motion. Successful DLP deployment, therefore, requires a complete understanding of an organization’s data types and flows.
In summary, the three main DLP solution types includes solutions that secure data in use or storage on endpoints, those that secure data in motion, and comprehensive solutions that protect data both at rest and in motion.
Adopt a Phased Approach
Using a phased approach to the implementation of DLP solutions enables engineers to better assess legitimate data flows within a network and separate them from those that demonstrate data loss. Phasing can also help avert inaccuracies. When implementing DLP solutions, potential impacts to network traffic could derail the solution and inundate security analysts with false positives. Implementing network-based DLP capabilities at egress points-the points through which data leaves one network for another-can allow a system to function passively and facilitate fine tuning over time. It can then become easier to migrate the system to maximize in-line protection.
Layering additional security capabilities on top of existing infrastructure will only exacerbate complexities in incident response and mitigation. DLP systems that do not integrate with security information and event management (SIEM) technologies, and that do not support an organization’s current security goals and constructs, will only increase the workloads of already over-burdened employees and decrease the effectiveness of the solution. Furthermore, failing to ensure system integration will prevent security staff from using emerging analytics technologies and tactics to combat threats.
As the adoption of digital payment technologies accelerates and contactless payment options become more popular, CIOs and CISOs need to undertake a comprehensive evaluation of the risks of data theft. From there, the application of measures to combat those threats can help leaders protect their networks, and consequently, their balance sheets. The key is to reassure customers that their private information ranging from birthdates to credit card data and bank account numbers is stored in a safe place, out of reach of hackers and cybercriminals.
Dr Mahir Nayfeh