DATA SECURITY STRATEGIES

Prevention Perception vs Reality

5 MIN READ

Mark Wojtasiak

Vice President, Portfolio Marketing

Business revolves around data and cybersecurity revolves around the need to protect it, and yet organizations of all sizes and across all industries face a growing threat to data—largely from well-intentioned employees. You may be wondering, “Why does it seem like the issue is growing in spite of our efforts and investments in protecting our data?” You’re not crazy. There is a disconnect between perception and reality when it comes to data security and insider threats.

Traditional Security Is Rooted in Prevention

You’ve probably heard the axiom that an ounce of prevention is worth a pound of cure. The moral being that it’s better to invest a little in preventing something from happening than be forced to spend a lot to mitigate damage or clean up after it happens. It is very practical wisdom, but it relies on the prevention being effective in the first place.

The problem with the traditional approach to data security and guarding against insider threats is that it relies on prevention, but it’s not actually very good at preventing anything. The idea of defending a network perimeter by building a cyber moat and preventing data from going in or out by blocking access was always dubious at best. Now, it doesn’t work at all because there is no perimeter and there is no inside or outside the network. Cloud apps and mobile connectivity have fundamentally changed the game.

To Continue Reading…

Share a few pieces of information and we’ll personalize your experience with us

Perception vs. Reality

It’s eroding, but there is still a common perception that standard security practices will stop insider threats. There are those who still believe that if they can identify and classify all of their data and that security policies and blocking access will be adequate to manage data risk.

That perception, however, doesn’t match with reality. Of the organizations surveyed for the 2019 Data Exposure Report, 38% admitted to suffering a breach of intellectual property in the last 18 months. Nearly 70% of those were breached due to an insider threat and confirmed that they had a data loss prevention solution in place at the time of the breach.

The reality is that prevention was never very effective. And the dramatic change in technology and corporate cultures has made the prevention concept an increasingly losing battle. Attempting to identify and classify all-important or sensitive data as new files are continuously created, and implementing policies to limit where classified data is allowed to go is a daunting challenge under any circumstances. The cloud and mobile workforce amplify the complexity and make it even more difficult. No wonder 90% of customers we asked have their DLP (data loss prevention) in monitor mode only.

Corporate Culture is Shifting

Technology is not the only factor when it comes to the reality of data protection and insider threat. You also have to address issues related to the changing demographics of the workforce and the evolution of communication and productivity.

Younger employees have grown up in a world where the internet has always existed, and mobile connectivity is a fact of life. They take things like cloud apps and data portability for granted. Many resist being handcuffed to specific technologies—they prefer to work where they want to work and use the cloud tools they prefer to use. More than 70% of those surveyed for the 2019 Data Exposure Report agree that data does not necessarily belong to the company. They believe it is their work and their ideas, and they have a sense of ownership and entitlement. At the same time, the average tenure at a given company has declined to less than three years, and it is exceptionally common for employees to take corporate data with them when they leave a company.

The Reality of Insider Threats

Your team is tasked with managing an overly complex security stack—struggling to make disparate tools work together. You have a DLP solution that was sold to you as an insider threat solution, but it relies on policies and blocking, and prevention is simply not an effective strategy.

To make the issue more challenging, CEOs and boards of directors are also pushing for digital transformation and more agility and acceleration within organizations; and the CISO is often not part of the conversation.

With little or no visibility into who is accessing what data, or when or how it leaves the network, you’re just flying blind. It’s hard to change the status quo, but false perceptions don’t prevent insider threats.

Mark Wojtasiak

As vice president of portfolio marketing at Code42, Mark leads the market research, competitive intelligence and product marketing teams. Mark joined Code42 in 2016 bringing more than 20 years of B2B data storage, cloud and data security experience with him, including several roles in marketing and product management at Seagate.