Gartner 2020 Market Guide for Insider Risk Management Solutions | Get the report →
  • Partners
    • Technology Partners
    • Reseller Partners
    • Partner Portal
  • Customer Toolkit
  • University
  • Support
Code42 Logo
  • Products
    • Incydr™ Data risk detection and response for insider threat Product Overview right arrow icon
      • Features
      • Detection
      • Investigation
      • Response
      • Use Cases
      • Remote workforce monitoring
      • Departing employee monitoring
      • IP theft detection
      • View All
      • Information
      • Product Plans
      • Deployment
      • Integrations
      • Developer Portal
      • Trust & Security
      • Services
    • Incydr™ Gov Insider Risk detection for the federal government
  • Solutions
    • Insider Risk
    • Data Exfiltration
    • Incident Response
  • Company
    • About
    • News
    • Careers
    • Leadership
  • Resources
    • Resource Center
    • Reports, eBooks, Videos
    • Events & Webinars
    • Customer Stories
    • Product Resources
    • Integrations
    • Developer Portal
    • Trust & Security
    Data Protection: Code42 vs. DLP Leave DLP behind with a better, risk-based approach to protect data. Learn more right arrow icon
  • Blog
  • Get Started
  • Partners
    • Technology Partners
    • Reseller Partners
    • Partner Portal
  • Customer Toolkit
  • University
  • Support

DATA SECURITY STRATEGIES

Prevention Perception vs Reality


5 MIN READ

SHARE

Mark Wojtasiak

Vice President, Portfolio Marketing

Business revolves around data and cybersecurity revolves around the need to protect it, and yet organizations of all sizes and across all industries face a growing threat to data—largely from well-intentioned employees. You may be wondering, “Why does it seem like the issue is growing in spite of our efforts and investments in protecting our data?” You’re not crazy. There is a disconnect between perception and reality when it comes to data security and insider threats.

Traditional Security Is Rooted in Prevention

You’ve probably heard the axiom that an ounce of prevention is worth a pound of cure. The moral being that it’s better to invest a little in preventing something from happening than be forced to spend a lot to mitigate damage or clean up after it happens. It is very practical wisdom, but it relies on the prevention being effective in the first place. 

The problem with the traditional approach to data security and guarding against insider threats is that it relies on prevention, but it’s not actually very good at preventing anything. The idea of defending a network perimeter by building a cyber moat and preventing data from going in or out by blocking access was always dubious at best. Now, it doesn’t work at all because there is no perimeter and there is no inside or outside the network. Cloud apps and mobile connectivity have fundamentally changed the game. 

To Continue Reading…

Share a few pieces of information and we’ll personalize your experience with us

Perception vs. Reality

It’s eroding, but there is still a common perception that standard security practices will stop insider threats. There are those who still believe that if they can identify and classify all of their data and that security policies and blocking access will be adequate to manage data risk. 

That perception, however, doesn’t match with reality. Of the organizations surveyed for the 2019 Data Exposure Report, 38% admitted to suffering a breach of intellectual property in the last 18 months. Nearly 70% of those were breached due to an insider threat and confirmed that they had a data loss prevention solution in place at the time of the breach. 

The reality is that prevention was never very effective. And the dramatic change in technology and corporate cultures has made the prevention concept an increasingly losing battle. Attempting to identify and classify all-important or sensitive data as new files are continuously created, and implementing policies to limit where classified data is allowed to go is a daunting challenge under any circumstances. The cloud and mobile workforce amplify the complexity and make it even more difficult. No wonder 90% of customers we asked have their DLP (data loss prevention) in monitor mode only. 

Corporate Culture is Shifting

Technology is not the only factor when it comes to the reality of data protection and insider threat. You also have to address issues related to the changing demographics of the workforce and the evolution of communication and productivity. 

Younger employees have grown up in a world where the internet has always existed, and mobile connectivity is a fact of life. They take things like cloud apps and data portability for granted. Many resist being handcuffed to specific technologies—they prefer to work where they want to work and use the cloud tools they prefer to use. More than 70% of those surveyed for the 2019 Data Exposure Report agree that data does not necessarily belong to the company. They believe it is their work and their ideas, and they have a sense of ownership and entitlement. At the same time, the average tenure at a given company has declined to less than three years, and it is exceptionally common for employees to take corporate data with them when they leave a company.

The Reality of Insider Threats

Your team is tasked with managing an overly complex security stack—struggling to make disparate tools work together. You have a DLP solution that was sold to you as an insider threat solution, but it relies on policies and blocking, and prevention is simply not an effective strategy. 

To make the issue more challenging, CEOs and boards of directors are also pushing for digital transformation and more agility and acceleration within organizations; and the CISO is often not part of the conversation. 

With little or no visibility into who is accessing what data, or when or how it leaves the network, you’re just flying blind. It’s hard to change the status quo, but false perceptions don’t prevent insider threats.

Mark Wojtasiak

As vice president of portfolio marketing at Code42, Mark leads the market research, competitive intelligence and product marketing teams. Mark joined Code42 in 2016 bringing more than 20 years of B2B data storage, cloud and data security experience with him, including several roles in marketing and product management at Seagate.

Code42 logo
Code42 logo

Code42

  • About Code42
  • News + Events
  • Awards
  • Investors
  • Leadership
  • Careers
  • Contact Sales

Learn More

  • Insider Risk Ecosystem
  • Reseller Partners
  • Federal Solutions
  • Higher Education Solutions
  • CrashPlan for Small Business
  • Customer Stories

Support

  • Help Center
  • Code42 University
  • Professional Services
  • Twitter Twitter
  • Facebook Facebook
  • LinkedIn LinkedIn
  • YouTube YouTube
  • Terms of Use
  • Privacy Statement
  • Impressum
© 2021 Code42 Software, Inc. All rights reserved.
Get Started with Incydr™
Contact Salesright arrow icon
We'll have an insider threat expert reach out within 24 hours
Start Free Trialright arrow icon
Try Incydr at no cost for 30 days to quickly uncover your data blindspots
Interactive Demo
Take Incydr for a spin in our free sandbox environment.
Launch the demo right arrow icon
Explore the deeper functionality of Incydr™
Contact Salesright arrow icon
We'll have an insider threat expert reach out within 24 hours
Interactive Demo
Take Incydr for a spin in our free sandbox environment.
Launch the demo right arrow icon

This website uses cookies to improve your user experience and to provide content tailored specifically to your interests. Detailed information on the use of cookies on this website, and how you can manage your preferences, is provided in our Cookie Notice. By clicking I Agree or continuing to use this website, you consent to the use of cookies. Learn more.

Code42
Powered by  GDPR Cookie Compliance
Privacy Overview

This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.

Strictly Necessary Cookies

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

If you disable this cookie, we will not be able to save your preferences. This means that every time you visit this website you will need to enable or disable cookies again.