ICYMI: Top Threats to Data Security Today
What are the top threats to data security today? Find out what the panel of experts from iCorps' Cybersecurity Summit had to say in this video.
[Chris Stephenson - Moderator] The first question is, what are the top three threats to data security today? A fairly broad question, each you may have a different answer on that. So Alan, let me start with you please.
[Alan Toews - Sophos] The top three threats to data security—I think the number one threat is user behavior. I mean, the users are—that's the first line of attack in many attacks. If the user is not educated and is susceptible to just clicking on a link that just shows up in their inbox, then now you have to react to that threat that's just gotten into your network. I would start there. Users are the first line of defense, and the first point to show up in securing your network.
[Ben Darsigny - Mimecast] Yeah, certainly. Users, I think are a factor in almost any attack, at least the attacks that we see at Mimecast, obviously being email-related. They are the target. I think the most dangerous from our perspective are the ones that mix not just the traditional URL-based or attachment-based attacks, but the ones that are really based in social engineering. These days, you're getting a lot of attackers who are very knowledgeable, and really take their time to craft these attacks, and target them on an individual who, as we all know, is out there and available on the internet. Whether it's LinkedIn, Facebook, company website, etc. They make it very difficult to recognize when one of these attacks is happening, versus getting a normal email from somebody they trust. So the use of that to then get in, and maybe steal credentials and get into the broader network that way probably has the biggest impact among the attacks that we see today.
[Michael DePalma] Yeah, I think these two are spot on. User errors—kind of look at any statistic, and we can judge that most of these attacks are utilizing user error. This is social engineering, spear-phishing attacks. It's a lot different than the emails you used to get from your long-lost uncle asking for $5,000. That's not how these guys are getting through.
I also think though, one of the big threats is the folks that are behind this and the players that are behind this. Chris mentioned the teenage kid [hacking parents' Netflix]. There's still some of those out there, but this is really organized crime at this point. This is what organized crime is shifting to because there's so much money to be made and very little risk of getting caught, especially with the prevalence of Bitcoin and other cyber currency. So, you know, we're seeing foreign governments get into these, and even terrorist groups. This is why they're so sophisticated because everything is connected. You know, you hear the internet of things, and it's become kind of an annoying term at this point, but it's true. You can get in through just about anywhere, and their intentions are oftentimes much more devious than just trying to exploit a few thousand dollars from you. So to me, that's a pretty scary threat—not to scare you guys too much.
[Laura MacDonald - Microsoft] Alright, I'll take it in a slightly different direction. What we're talking about is stealing data. Too many organizations don't know what data they have, they don't know where it is, they don't know how to classify it. So once they get through the first layer of the user, if you don't have a data classification and data management program, you're really kind of setting yourself up for failure. GDPR, if anyone in the room is subject to that, brings it to a different level of it's not just about business data stolen, and what do I have to do, but any citizen in the UA—EU sorry—can reach out to you and say "you need to tell me what this is", and you need to do it quickly.
[Jeffery Lauria - iCorps Technologies] So what I'll say, you know, when we talk about three pieces, our users first and foremost, they are the first line. So we all agree upon users are the first line. The second part of that is shadow IT. You know, to your point, we don't know where the data is, we don't know where it sits. A user's not trying to be malicious, a user's trying to be productive. So in an organization, you may be using, for example, Microsoft 365 SharePoint but someone is using Box, and you don't know what data is sitting there. So controlling the data, and knowing where it is, is probably two. And then the third part is really having your team, your organization, adopt security. It is amazing today that I'll go in and I'll talk with business leaders, and they're not using multi-factor authentication. Multi-factor authentication is the single biggest thing that you can do in your organization to protect not only users but the data itself.
And so those are probably the three biggest threats and those threats by the way, are not people coming in, they're threats within your organization. So again, MFA, security controls and adoption, shadow IT, where your information is, and then training your end-users. That's very, very important.
[Chris Stephenson - Moderator] It's interesting that we went so quickly into the data and knowing where your data is, but it has hit the market very rapidly—the GDPR requirements—but even just in general. One of the things I've become aware of recently, is that 90% of the world's data that exists now, was created in the last three years. That's how rapidly we are generating content and data. And if we don't know where it is, we're creating it, where every day—it seems to me—we're creating a bigger challenge right?
So one of the challenges—how do we help—how do you approach your customer and help them with this issue, which is not—almost comes before the security itself, but the actual location of the data and what they have there. How do you educate your customers on that and how much do you talk about? I'd like to start with you Laura because Microsoft Office, email, there's so much there. What's the process that you go through to educate your customers or your partners on that?
[Laura MacDonald - Microsoft] So, DLP's been a term that's been out there for a very long time. Add our sales, the sales engineering manager for the DLP product line. And back then, I even had the thought "that's a last chance effort, it gets out, and now what do I do?" So what we're doing at Microsoft is building it right into the data itself. It's within the email. It's within the Office Docs. We just announced at our big conference last week, that Adobe has it baked in, to do the classification of the data itself so that it shouldn't get out. Only those with access can actually access it. Better yet, you can even go as far as revoking it.
Now when I say that I have customers that look at me and say "there's so much, I don't know where to begin," you've got to start with what is your—whatever classification you want to call it—highly confidential, confidential, intellectual property—pick your term for the stuff that are your crown jewels, and the stuff you think is critical. Start there, and kind of work your way back from there. And yeah, where is it to start with? I think there's standard capabilities to look for as well, and it's our end-users that know what these classifications are. It's not the security people, it's not the IT team, it's about putting it back in the hands of the end-users. Not saying that's easy, but you've got to start looking at that.
iCorps Video Library