Despite the easy availability of USB memory sticks, CDs, DVDs and storage platforms, the most common method for the theft was email..
- 95% of all the internal data theft is carried out by a departing employee
- of those, 30% do so to set up a competing business model
- 65% to use the information in a new role with an existing competitor
- over 70% of IP theft cases are committed within 30 days of the employee announcing their resignation
- the problems are greater overseas where visibility & control are reduced, while risks are larger
Over half (56%) of cases involved the use of attachments in emails outside of the company, while 26% of thieves took the physical route and printed out the info. USBs and memory sticks accounted for just six per cent
Your own communication systems (email, IM, social media) are your greatest weakness as it is an open highway, enabling insider risk or allowing outsiders to gain access & ex-filtrate sensitive data.
Solutions in the past have failed to effectively monitor communications data because of the sheer volume of false positives generated by DLP systems.
Overwhelming false positives and the lack of sophistication has meant that insider risk behaviors, such as disgruntled employees, or outside interference cannot be targeted. Additionally, incidents cannot be understood quickly.
Machine learning uncovers behavior and isolates intent
Employee behaviors are strong leading indicators of risk. Knowing when an employee, with access to important systems or data, is disgruntled or planning on leaving is valuable. Knowing early is priceless.
Whether your employee is disgruntled, departing, colluding with another firm, being coerced or simply has been hacked because of a phishing email, you need to know. And you need to know early.
Catelas layers algorithms including relationship forensics, behavioral analytics and content analytics, within a machine learning framework, to uncover these risks. With a less than 10% false positive rate, your incident response team is focused on real issues, not lost in the noise generated by previous generation of DLP solutions.
"Security incidents always come down to people. What they know and who they are telling. The way that Catelas uncovers relationships and visually displays how people are linked together makes them a must-have for any Security Investigations team."− Scott Emery, former Head of Investigations, State Street Bank
The Fines are Massive
U.S. hotel group Marriott has become the second firm to face a massive GDPR fine as the U.K. regulator continues on its rampage. The hotel group, which suffered a breach last year, could face a fine of over $123 million. The latest ICO fine comes after U.K. airline British Airways was hit with an even larger penalty of $229 million yesterday.
The BA fine was the biggest ever issued by the ICO and the first under the EU Update to General Data Protection Regulation (GDPR). Before BA, the largest fine issued by the ICO was £500,000. But under GDPR, firms can be fined up to 4% of turnover
Early Detection is key
Catelas fills gaps that exist in your current defenses today. We look for behaviors and indicators of intent to predict which insiders pose a threat to your business. We look at ever piece of communication both internally and externally to identify insider risk. We then present that in a way to allow you to investigate and triage fast.
Catelas Insider Risk Surveillance consistently delivers a better than 90% reduction in false positives, while identifying instances of insider risk across the business. Alerts are are focused, easily understood and quickly assessed.
Catelas uses patented behavioral algorithms to risk score each individual in your firm. We look at how they behave, what they say (NLP) and to whom they say it (Relationship Forensics).
Behavior is tracked over time and anomalies detected. These early indicators of risk help firms get ahead of issues early and protect the firm before it becomes costly.
Catelas can be deployed on premise or consumed as a service through our cloud based hosted platform.