Data Theft and Misuse are the Biggest Risks for SA Businesses

AI and ML Jobs


hard to do It is believed that zettabytes (or 1,000 bytes to the 7th power) did not exist before 2012. data per second. Not only that, but the data itself is everywhere, from mainframes to enterprise devices to hybrid multicloud environments.

Additionally, more and more businesses are backing up files, creating business continuity plans, building incident response teams, and investing heavily in data protection and data loss prevention. But why would they?

Exploding Threats

As the number and severity of cybersecurity incidents increase each year, organizations are under pressure to find measures to protect their customers’ data. 60-70% of all data loss incidents justify disclosure or have negative financial consequences. Data breaches cost an average of US$4.25 million per incident, and a company falls victim to a cyberattack on average every 11 seconds, yet it can take around nine months to identify and contain a data breach.

Measured as a country, cybercrime, projected to cause a combined $10.5 trillion in damages by 2025, will become the third largest economy after the United States and China, and the global killer of all major illegal drugs. More profitable than trading. Combined.

While external adversaries continue to evolve their tactics, it is worth noting that internal data breaches by negligent or disgruntled employees are also on the rise, accounting for nearly half of all data breaches. increase.

South African approach

To reveal how South African companies are tackling data loss prevention, TechCentral hosted a roundtable sponsored by Next DLP, at the Saxon Hotel & Spa in Sandton, where South African leaders from across industries I spoke with a senior executive.

Participants delved into the tools, procedures and best practices available to protect data, and the role of leadership and employee education in developing an ethical, data-driven, and security-aware culture .

All agree that Data Loss Prevention (DLP) is everyone’s responsibility in business, and enterprises today need a holistic approach that fully confronts cybersecurity as a matter of human behavior and motivation, not a technology issue. I agree with you.

Employees remain the biggest threat

Most representatives agreed that while cybersecurity threats are constantly evolving and that third-party contractors and vendors represent a significant risk to any entity, employees remain a consistent vulnerability. People within an organization are often responsible for data breaches primarily through negligence, but sometimes through malicious intent.

To address this growing challenge, attendees identified a simple but important intervention.

  • Strengthen your training and keep it up to date. Many participants shared that they had training programs in place, but found the depth and breadth of content, and the method and frequency of content delivery, to be insufficient to drive meaningful change in behavior. Agreed with. Employees need training delivered in real time in an innovative and proactive manner at the time of the incident. Businesses should also keep abreast of industry developments by sharing information and consulting with industry peers.
  • Prioritize cybersecurity and data protection. It is imperative that representatives focus security spending where it is needed most: security of networks, systems, applications, devices, physical facilities, security development, protocol sharing, and implementation of incident response processes. Agreed on one thing. That said, while data loss prevention strategies and decisions are often handled by IT, data management, and compliance team members, data loss prevention is everyone’s responsibility, and operating an effective DLP program is critical. There was a consensus that leadership support has become essential for

leadership security role cculture

As an often overlooked element of “people, process and technology,” internal culture and security awareness may be the only thing that separates an organization from a successful cyberattack.

All attendees agreed that modifying the existing corporate culture to increase the level of security awareness requires buy-in and support from all leaders within the company. They should be responsible for supporting initiatives, leading by example, understanding information security, and being involved in the development of items such as incident response plans, business continuity plans, and other key procedures.

Culture is not a language. It’s about deeds. The employee focuses on leadership and his team’s actions, not on what they say.

respect customers dat,privacy

In 2010 Steve Jobs said: I think people are smart. Some want to share more than others. ask them. “

Now, more than a decade later, these words are slowly but surely finding their business model grounded in organizations subject to privacy regulations such as Popia and GDPR, especially in processing large volumes of highly sensitive customer data. It is becoming a requirement for organizations.

Attendees agreed that, in addition to complying with the law, smart companies know that having a robust DLP program in place is good business. With the explosion of digital technology, consumers are very concerned about how their personal information will be used and protected, and participants are concerned that their data may not be handled properly. , shared the view that customers are increasingly at risk of switching companies and providers.

In their view, an organization’s data loss prevention program can be a competitive differentiator. In fact, one large financial services firm said it was “very aggressive” in shaping its data management policies and practices.

Role of AI and ML

Participants were asked to design programs specifically with these technologies in mind and to clarify the role of artificial intelligence and machine learning in the context of security, whether forward-looking or not.

Despite the fact that AI and ML are already enhancing tools that greatly improve the business decision-making process, myths around AI, especially around job security, remain rife.

That said, participants were also aware of the short-term and long-term benefits of integrating AI into their business cybersecurity ecosystem (improved protection and remediation due to AI’s ability to detect subtle attacks and enhance incident response). etc.) need to be investigated further. This is especially true for tools that enable organizations to visualize, analyze, and understand data flows and activities across all users and endpoints, with the ability to transform the landscape.

A Holistic Approach to DLP

Despite the many and sometimes different challenges facing information security, data privacy, and compliance professionals, the common sentiment shared by all participants was that a holistic approach to data loss prevention is critical. That’s what it means.

This approach requires the combined use of information security tools and technologies. Employee behavior modification training that reinforces good behavior. Effective policies, procedures and standards. Moreover, this approach is critical to effectively countering cyber threats while providing organizations with added value beyond data protection.

TechCentral, in partnership with Next DLP, would like to thank everyone who attended the roundtable.

About Next
Next DLP (“Next”) is a leading provider of data protection solutions for organizations with valuable data that need to expose risks, educate employees, and meet security, compliance and regulatory needs. Next’s mission is to reinvent data protection for today’s distributed organizations. It is disrupting the traditional data loss prevention market with user-centric, flexible, cloud-native AI/ML-powered solutions built for today’s threat landscape. The company’s leadership brings decades of cyber and technology experience from Fortra (formerly HelpSystems), DigitalGuardian, Forcepoint, Mimecast, IBM, Cisco and Veracode. Next is trusted by organizations large and small, from Fortune 100 to fastest growing healthcare and technology companies. For more information, visit www.nextdlp.com or connect with us on LinkedIn and YouTube.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *