Corporations that are developing data loss prevention software have noted that DLP is anticipated to be the fastest-growing segment in security through 2018. While the growth is anticipated to be at 18.9%, the problems that are occurring seem to have a focus in particular areas of failure.
The first key factor has been in the installation of large DLP tools that appeared to choke networks and required investment of excessive server deployment. Due to cost, the companies removed the DLP systems and many made the decision to attempt to bring an internal team onboard. The secondary level of failure was then placing the company data at risk due to the size of a team to configure and maintain the complexities of the average DLP deployment. The perception of companies then fell back to the standard old-school rules to not allow staff access to Facebook and to refuse the ability to allow USB devices. Neither of which are definitive in controlling the data breach situations.
Sharon Knowles, CEO of DaVinci Forensics says:
“New strategies must be developed to address the sophistication of the security of a company to avoid data losses. This involves examination, planning and implementation across the entire spectrum of the network. DaVinci Forensics works with each organization to address their specific challenges and assists in monitoring and education to ensure against the accidental or deliberate unauthorized use of information. Prevention and control are the initial steps as well as flexibility when the rules change.”
According to a Cisco report for SA companies:
- An astonishing 70% of people are not aware of recent high-profile security breaches (such as Heartbleed)
- 66% of employees believe employee behavior is one of the top two biggest threats to data security, with organized cybercrime second at 59%
- 62% believe their company has an IT security policy in place but 12% don’t know
- 36% have low to moderate levels of adherence to the policy and one in 14 people actively circumvent their company IT security policy
- 43% believe IT security is stifling innovation in their organization and that the cost of lost business opportunity outweighs the cost of a security breach
The elements of corporate privacy are on the brink of a technological breakthrough as everyone awaits the POPI (Protection of Personal Information) Act. While compliancy will be a requirement to maintain critical and sensitive information, this isn’t a blanket single solution that can be effective for all organizations. The need for continuous monitoring to assess situations is one of the highest priorities, but this is often undermined as SA companies continue in a culture of non-disclosure and cover-ups. It is in the secrecy, that we are missing the boat for immediacy of action. The POPI Act is one method that will open the doors for more transparency so that the risk factors will be reduced.