Bill Blake, President of Fasoo USA, and Trevor Smith, Executive Vice President of Brite Computers, presented on May 14, 2014 at the Wall Street Technology Association’s “Delivering Secure Data” Seminar. The event was held at The Yale Club of New York City. The event focused on the issues of detecting and preventing data breaches as more businesses want to be proactive about securing data rather than dealing with the legal and financial costs after the fact.
Bill and Trevor met with a good cross section of business and technology leaders who were interested in how the latest in technology can help address their business problems. Trevor delivered a presentation entitled “Insider Threats: Solved” that focused on the current state of insider threat detection and how Fasoo technology can help customers reduce the risk posed by these challenges.
One of the topics addressed in the presentation were the three main types of insider threats: malicious, careless and accidental. Even though much of the attention is paid to malicious intent, such as the activities of Edward Snowden in 2013, according to the Ponemon Institute, the vast majority of insider data leaks are caused by human error. Someone accidentally sending a document to wrong person or misplacing a USB drive with sensitive information are more common than many want to believe.
One statistic from a Symantec report on “Behavioral Risk Indicators of Malicious Insider Theft of Intellectual Property: Misreading the Writing on the Wall” states that about 65 percent of employees who commit insider IP theft had already accepted positions with a competing company or started their own company at the time of the theft. This points to understanding how information is used within business and who has access to it.
Bill and Trevor talked about how Fasoo data-centric technology can reduce the risk of insider threats by encrypting and applying a security policy to files as soon as they are created. Controlling file access regardless of who has it or its location, is the best way to eliminate these threats.
A number of executives attending the event have had or were aware of someone in their industry that experienced a data breach. While most companies think they are protected against external threats, many are not aware of the risks posed by malicious or accidental behavior by employees, contractors and other trusted insiders.