One Article Review
| Source |  ProofPoint |
|---|---|
| Identifiant | 8439931 |
| Date de publication | 2024-01-17 06:00:02 (vue: 2024-01-17 16:08:08) |
| Titre | Comment mettre en place un programme de gestion des menaces d'initié et de prévention des pertes de données How to Set Up an Insider Threat Management and Data Loss Prevention Program |
| Texte | This blog post is adapted from our e-book, Getting Started with DLP and ITM. The last few years have brought unprecedented change. An increasingly distributed workforce, access to more data through more channels and a shift to the cloud have transformed the nature of work. These trends have made protecting sensitive data more complicated and demanding. What\'s clear is that organizations are struggling to rise to the challenge. Between 2020 and 2022, insider threats increased by a staggering 44%. And the costs of addressing them increased 34%-from $11.45 million to $15.38 million. This upswing mainly comes down to two factors. For starters, most security teams have little visibility into people-caused data loss and insider-led security incidents. And few have the tools or resources to handle it. That\'s why Gartner sees platforms for data loss prevention and insider threat management (DLP and ITM) increasingly converging. Businesses need tools and processes that give them holistic, contextualized insights that take user behavior into account. It\'s no longer enough to focus on data-and where it\'s moving. To prevent data loss, industry leaders need to take a people-centric approach that expands beyond traditional drivers like compliance. In this blog post, we\'ll explore some basics for designing an ITM and DLP program. This can help you approach information protection in a way that\'s built for how modern organizations work. Why information protection is so challenging Risks are everywhere in today\'s complex landscape. Here are a few changes making it difficult for companies to protect their data. More data is open to exposure and theft. As businesses go digital, more data is being generated than ever before. According to IDC\'s Worldwide Global DataSphere Forecast, the total amount of data generated data will double from 2022 to 2026. That means malicious insiders will have more access to more sensitive data through more channels. It will also be easier for careless users to expose data inadvertently. Plus, any security gap between channels, any misconfiguration or any accidental sharing of files can give external attackers more opportunities to steal data. New data types are hard to detect. Data isn\'t just growing in volume. It\'s also becoming more diverse, which makes it harder to detect and control. With traditional DLP program tools, data typically fits within very tightly defined data patterns (such as payment card number). But even then, it generates too many false positives. Now, key business data is more diverse and can be graphical, tabular or even source code. The network security perimeter no longer exists. With more employees and contractors working remotely, the security perimeter has shifted from brick and mortar to one based on people. Add to the mix bring-your-own-device (BYOD) practices, where the personal and professional tend to get blurred, and security teams have even more risks to contend with. In a survey for the 2023 State of the Phish report from Proofpoint, 72% of respondents said they use one or more of their personal devices for work. Employee churn is high. Tech industry layoffs in 2022 and 2023 have seen many employees leaving and joining businesses at a rapid rate. The result is greater risk of data exfiltration, infiltration and sabotage. Security leaders know it, too-39% of chief information security officers rated improving information protection as the top priority over the next two years. Security talent is in short supply. A lack of talent has left many security teams under-resourced. And the situation is likely to get worse. In 2023, the cybersecurity workforce gap hit an all-time high-there are 4 million more jobs than there are skilled workers. DLP vs. ITM What\'s the difference between DLP and ITM? Both DLP and ITM work to prevent data loss. But they achieve it in different ways. DLP tracks data movement and exfiltration DLP monitors file activity and scans content to see whether users are handling sen |
| Envoyé | Oui |
| Condensat | $11 $15 2020 2022 2023 2026 about abuse access accidental according account accounts accurately achieve across actions activities activity actors acts adapted add additional addressing admins after against all alone also always amount analyzes answer any application applies approach are as: assessing assessment assessments assets attack attacked attackers automate avoid aware background bad based basic basics because becoming before behavior behaviors behavior being best better between beyond blog blurred board book both brand breaches brick bring brought build building built business businesses but byod can capabilities capacity captures card careless case cases caused centric certain challenge challenging change changes channels checks chief churn clear clearly cloud code collaboration comes common communicate companies company complex compliance complicated comprehensive compromised conduct connect connecting contend content context contextualized continues contractors contractors control controls converging converging corporate costs cover coverage create critical cross current cybersecurity cycle damage data datasphere data decreasing define defined demanding departing deploy design designed designing details detect determine device devices difference different difficult digital directors distributed diverse dlp documented doing don dots double down download drivers due earlier easier effective eliminates employee employees employees empowered enlist enough ensure enterprise environment essential establish even events ever every everyday everyone everywhere evidence evolving exact example executives exfiltration exfiltration existing exists expand expands expert expertise explore expose exposure extensive external eyed factors fallen false fears file files fine fits focus focused focuses forces forecast from full fully functional funding gap gaps gaps gartner generated generates get gets getting give global goal governance graphical greater group growing handle handling hard harder has have help help here high hit hoc holistic how human hurdles hybrid idc identify implement implementation improve improving inadvertently incidents includes including increased increasingly indicators industry infiltration information inherently insider insiders insights intent interface internal investigation investigations investments investor involved is: isn issues itm itm its jobs joining just keep key know lack landscape last laws layoffs leaders leading learn: leaving led left legal legally level like like: likely limitations limited line little longer loss low made mainly make makes making malicious malware manage managed management managing many matures: maturity may means meanwhile measure meet met might milestone milestones million mind minimum misconfiguration mitigate mix modern monitoring monitors months more mortar most movement moving much narrowly nature near need needs network new next nontechnical not noted now number oauth objective office officers often one open operating operational opportunities organization organizational organizations other others out outline over oversight overview own pain parties patterns payment people people™ performance perimeter personal personnel phish phishing pillars place plan plan platform platforms plus point points policies policy positives post potential practices predetermined prevent prevention priority privacy privileged privileges procedures process processes professional program programs program program project promote proofpoint protect protecting protection protects provide public purpose questions rapid rate rated reach reactionary ready real regular regulated relations remediation remotely report requirements requirements resourced resources respond respondents responsibilities result reveal review reviews right rise risk risks risky roles roll rules running sabotage said saving scale scaling scans screenshots secure security see seen sees self sensitive services set sharing shift shifted short sho |
| Tags | Tool Threat Cloud Technical |
| Stories | |
| Notes | ★★ |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.