Data Exfiltration Study
Data Exfiltration Study: Actors, Tactics, and Detection
Data loss is a real risk for organizations, especially as the value of data grows, thieves get more sophisticated, and internal actors make mistakes affecting data or intentionally steal information. The image below illustrates some of the ways in which data is compromised.
Clic on the picture to enlarge:
After interviewing information technology and security professionals around the world to better understand aspects of data exfiltration, Intel Security has concluded that a combination of security tools, response plans, awareness training and education will make organizations more defensible and less likely to suffer from data loss. Based on the findings of the survey, here are five tips for combatting data exfiltration as presented in the Grand Theft Data report:
1. Place more control on data: Determine what information is appropriate to collect and what should be kept. Deploy security solutions to help control where sensitive data is stored on the cloud, how it is stored, and who has access to it.
2. Use data loss prevention (DLP) technology and intrusion detection and prevention systems: If you already have them installed, make sure they are appropriately configured and not sitting in a default passive or monitoring-only mode. Continuous network monitoring and DLP technology displayed a strong correlation with improved security posture and breach detection.
3. Protect physical media: Theft of physical media was implicated in 40 percent of exfiltrations. Understand what controls are in place for preventing thefts from media including laptops, tablets, USB drives, mobile phones, webcams and older forms like DVDs. Encryption, DLP, and cloud applications can help reduce the risk.
4. Educate employees: Internal actors were responsible for 43 percent of data loss, half of which was accidental. Review operational practices, refresh employee awareness training programs, and remind employees of the importance of data privacy and confidentiality.
5. Retain your security professionals: Those with five years or more experience at their current employer created a stronger security posture and lowered risk of serious data exfiltration.
Source: Mcafee Intel Security