We talk about data loss, data leakage and data exfiltration as if they are one and the same thing. In fact, they are very different, and what makes the difference is “intention”.
“Intention” is often defined as the purpose, aim, goal or objective that a person commits to in carrying out an action or actions in the future. It involves mental activities such as planning, rehearsal and forethought.
The difference between malicious and unintentional insider incidents is that in the former there is “intent” to commit a malicious act, whereas in the latter there is no “intent”.
Data loss is the result of data being unintentionally or accidentally misplaced so that it is no longer accessible. Simply put, it is lost.
Here are some examples.
We often lose data simply because we haven’t got a proper workflow or procedure for data restoration.
Data leakage is the result of the unauthorised and unintentional transmission of data from within an organisation to an outside party. Be aware that data can be transferred electronically or physically.
Here are some examples.
Data exfiltration is the result of the unauthorised but intentional copying, transfer or retrieval of data from within the organisation and taking it out. It is often referred to as “data theft”.
Data exfiltration is primarily a “data breach” in which the organisation's data is illegally stolen. The reason for stealing it is usually business advantage: they either take it with them to a new job, use it to start a new competing business, or take it to a foreign government or organisation.
Note, according to the insider threat division of CERT, nearly 75% of all data theft was carried out by insiders that had authorised access to the information.
As the saying goes, “data by itself” doesn’t leave the organisation. It is essential that your organisation understands its information assets. The key questions that you must answer before you can move forward with a protection strategy need to include the following.
Answering these questions will help your organisation to inventory its data and, importantly, to develop the appropriate mitigation strategy, whether it be for data loss, data leakage or data exfiltration.
One of the best ways for your organisation to know its assets and protect them effectively from insider attacks is to conduct a data risk assessment. The purpose of the assessment is to provide you with two key deliverables: