Google: Anthony Levandowski, a star engineer brought in to lead the Uber's self-driving automobile efforts was accused of stealing trade secrets (1400 design documents for self-driving cars) two weeks before he left a job at Google link:

Verizon breach: 14M customer records , a contractor working for Verizon made a configuration mistake that left the system exposed

Anthem, A data breach may have exposed personal health information of thousands of Anthem Medicare enrollees. More than 18,500 Anthem Medicare members' Social Security and Medicare identification data may have been exposed.

What do all of these breaches have in common?

  • #1 risk for CISO's is data breaches. Your biggest asset is your biggest risk
  • We live in a world with diverse group of users who have freedom and access to systems
  • Occurrences of corporate data theft are the highest ever - estimates are around 3M records every day. 44 records every second.
  • And, organizations are less prepared than ever...

  • So with the concept of “insider = good and outsider = bad as seemingly irrelevant, I am now going to explain why organisations need to take a people focused approach, if they are to address and pro-actively prevent insiders threats. The challenge of reducing the mean time to detect and respond, applies to either internal or external threats – you want to be able to reduce the risk and let your board know what happened.

    if you dive deeper there are 3 things that make sense, you need from a technology solution you need to bring the context of the user into play, ie what access do they have and what are they doing with it and marry it with the context of the data, you bring these 2 together with analytics to detect what has happened under one integrated solution that gives you that view to enable you to have comprehensive visibility, intelligence to detect in real-time, and proactively educate the user or take actions from preventing the data from being exfiltrated.

    • Session recording
    • Anonymisation