Data Security What are you waiting for? Lior Arbel General Manager Europe Performanta

Similar documents
What s Wrong with Information Security Today? You are looking in the wrong places for the wrong things.

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

Don't Be The Next Data Loss Story

McAfee Data Protection Solutions

Today s Topics. Protect - Detect - Respond A Security-First Strategy. HCCA Compliance Institute April 27, Concepts.

ITAR Compliance Best Practices Guide

CA Technologies Data Protection

AB 1149 Compliance: Data Security Best Practices

KEY STEPS FOLLOWING A DATA BREACH

ENABLING FAST RESPONSES THREAT MONITORING

Small businesses: What you need to know about cyber security

SECURE FILE SHARING AND COLLABORATION: THE PATH TO INCREASED PRODUCTIVITY AND REDUCED RISK

Secure Document Sharing & Online Workspaces for Financial Institutions

Incident Response. Six Best Practices for Managing Cyber Breaches.

DLP Content Discovery: Best Practices for Stored Data Discovery and Protection

Websense Data Security Suite and Cyber-Ark Inter-Business Vault. The Power of Integration

CHEAT SHEET: PCI DSS 3.1 COMPLIANCE

WildFire Reporting. WildFire Administrator s Guide 55. Copyright Palo Alto Networks

PCI Assessments 3.0 What Will the Future Bring? Matt Halbleib, SecurityMetrics

For your eyes only - Encryption and DLP Erkko Skantz

How To Protect Your Data From Theft

Data Breach Strikes - Nerds & Geeks Unite: Effective Cooperation Between Privacy and Technical Experts Presented by: Paul H. Luehr, Managing Dir.

Stay ahead of insiderthreats with predictive,intelligent security

Understanding and Selecting a DLP Solution. Rich Mogull Securosis

Data Security: Fight Insider Threats & Protect Your Sensitive Data

RSA Solution Brief RSA. Data Loss. Uncover your risk, establish control. RSA. Key Manager. RSA Solution Brief

SECURE YOUR DATA EXCHANGE WITH SAFE-T BOX

CyberArk Privileged Threat Analytics. Solution Brief

Information Security It s Everyone s Responsibility

Comprehensive Advanced Threat Defense

how can I comprehensively control sensitive content within Microsoft SharePoint?

Organizations Must Employ Effective Data Security Strategies

MEANINGFUL USE DESK AUDIT

Incident Response. Six Best Practices for Managing Cyber Breaches. Nick Pollard, Senior Director Professional Services EMEA / APAC, Guidance Software

WHAT YOU NEED TO KNOW ABOUT CYBER SECURITY

HIPAA Security & Compliance

A Practical Guide to Data Classification

Computer Forensics and Incident Response in the Cloud. Stephen Coty AlertLogic, AlertLogic_ACID

Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed)

Sample Data Security Policies

Compliance Guide ISO Compliance Guide. September Contents. Introduction 1. Detailed Controls Mapping 2.

Protecting ip Data From Loss and theft: The ShorTeST PaTh To PrevenTion and risk reduction

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

THE EXECUTIVE GUIDE TO DATA LOSS PREVENTION. Technology Overview, Business Justification, and Resource Requirements

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Click&DECiDE s PCI DSS Version 1.2 Compliance Suite Nerys Grivolas The V ersatile BI S o l uti on!

PRIVACY BREACH MANAGEMENT POLICY

Project Title slide Project: PCI. Are You At Risk?

Ultimate control over data leaks

2012 雲 端 資 安 報 告. 黃 建 榮 資 深 顧 問 - Verizon Taiwan. August 2012

LogRhythm and NERC CIP Compliance

Logging In: Auditing Cybersecurity in an Unsecure World

SAFELY ENABLING MICROSOFT OFFICE 365: THREE MUST-DO BEST PRACTICES

10 best practice suggestions for common smartphone threats


INVESTIGATIONS REPORT

Web Protection for Your Business, Customers and Data

74% 96 Action Items. Compliance

How-To Guide: Cyber Security. Content Provided by

Mimecast Large File Send

Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan

Network/Cyber Security

Fight fire with fire when protecting sensitive data

Data Loss Prevention. Keeping sensitive data out of the wrong hands*

TITUS Data Security for Cloud Identify and Control Sensitive Data Sent to the Cloud

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

PREVENTIA. Skyhigh Best Practices and Use cases. Table of Contents

The Ministry of Information & Communication Technology MICT

PCI: It Never Ends. Why?

The Cloud App Visibility Blindspot

Database Auditing: Best Practices. Rob Barnes, CISA Director of Security, Risk and Compliance Operations

Anatomy of a Cloud Computing Data Breach

Chapter 4 Application, Data and Host Security

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

Websense Data Security Solutions

Executive s Guide to Cloud Access Security Brokers

Practical DLP Deployment

How To Manage Security On A Networked Computer System

Barracuda User Guide. Managing your Spam Quarantine

Why The Security You Bought Yesterday, Won t Save You Today

Transcription:

Data Security What are you waiting for? Lior Arbel General Manager Europe Performanta

So, what is a DLP solution? DLP = Data Leakage (loss) Prevention Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use through deep content analysis. Rich Mogull (securosis.com) former Gartner analyst for DLP 2

How Data leakage happens Internal Non Malicious Bad business process Internal Malicious External attacker

Some numbers Source : Skyhigh Cloud Adoption & Risk Report 2015

Some numbers Breakdown of Sharing Actions Source : Skyhigh Cloud Adoption & Risk Report 2015

Solutions to the different attack vectors External to Internal Internal Spreading

Solutions to the different attack vectors Stages 2-7: Web/Email Security Gateway and Data Leakage Prevention Stages 1-6: IDS\IPS Solution External to Internal Internal Spreading

Internal Spreading Stages 1-7: Internal Malware Trap Stages 1-7: Client Based Forensic Tool Stage 4: Privilege Account Management Stages 6-7: Web Gateway and DLP

DATA PROTECTION PROJECT METHODOLOGY

Data Protection Project Data Classification Access Control FAM DRM GRC/SOC Encryption Financial data, SMTP, UK/Finance Business unit/ country DLP PROJECT

Data Protection Project VS.

roject Implementation Phased Approach Phase 7 Phase 1 Phase 6 Awareness & Training Management & Reporting Project Life-cycle Scope Freezing and Project initiation User Profile Identification Phase 2 Phase 5 Actionable Auditing and Policy Fine tuning Policy Development Sensitive Information & business requirement identification Phase 3 Phase 4 12

Business Co-operation Executive Sponsorship for the Project required. Business function need to actively participate for Identifying sensitive data Deriving policies Managing incidents Start with pre-defined patterns, conduct RA, trigger interest with Business heads. Pre-defined patterns reduce the risk exposure.

Interview Questions 1. What information does you/your department own, which if lost, stolen, damaged or compromised would have a severe impact on your business? 2. On a scale of 1 5, what would the impact be if that data was lost/stolen? 3. How comfortable are you today with your ability to demonstrate due care in the event of an accidental or malicious incident that resulted in data loss/theft? 4. Is there anyone else that you can think of who would also be impacted by this? 14

Create End user awareness through DLP tool DLP solutions can be extremely powerful in educating users, help them to treat sensitive data with more care, e.g. This email contains customer sensitive information Are you sure? Copying Intelctual property data to this type of USB is not recommended Please choose your action and the justification for it This is an unauthorized recipient Your manager have been notified for approval This content must be encrypted do you want to release it and automatically encrypt it? 15

Some War Stories Vertical Manufacture Protected content Document fingerprint, patterns Incidents Marketing information was sent out by a user that was about to leave the company to work for a competitor. Finance Telecom Document fingerprint, patterns, keywords, file types Document fingerprint, patterns Next year business plan was sent by a VP to her son in order to shape the graphics and animation inside Customer reported that in 3 months he found 50 wrong business Processes which he wasn t aware off before installing the system Manufacture Manufacture Manufacture Retail Document fingerprint, patterns Document fingerprint, Keywords, Patterns Keywords, patterns, Document fingerprint Patterns, DB, Document fingerprint Customer discovered that Intellectual property leaves their Asia office to a 3rd party, including product designs and source codes. Product source code was uploaded to a public drive Employee stated that they have tight deadline to achieve and wanted to work on it from home Employee send out an excel sheet protected by password with financial details the password attached in the body of the mail was 123456 A log of cash registers system sent out to the supplier of the software found to contain enormous amount of customers credit cards

Data Classification You have to do it right I can t decide let s leave it to the default Everything is classified False Positives Everything is unclassified False Negatives

Classification Challenges Source : Microsoft

QUESTIONS?

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information