Join the Community

21,951
Expert opinions
44,041
Total members
412
New members (last 30 days)
163
New opinions (last 30 days)
28,660
Total comments

The need for data theft deterrents

This case is just the latest example of how “trusted insiders” can pose a risk to an organisation’s data security defences and how they continue to by-pass them altogether, only to get found out when it’s too late. It highlights that while most organisations have invested heavily in securing their systems from “external” threats, there has been proportionately less investment in mitigating the threat from inside, by implementing robust user activity monitoring and effective control systems.

However, what this scenario also underlines is the importance of user education and getting employees, subcontractors and third party vendors to not only treat company data with the utmost respect, but also to get them to understand that controls and monitoring are in place to identify security gaps and avoid data leakage in the first place.

At the end of the day, no matter what systems and processes a company has in place, if an ‘insider’ wants to steal data, there is a residual risk that they will find a way of doing so. However, they will be disinclined to attempt data theft if they know that they are likely to be found out; either before the event (through automatic alert generation) or after the event (through forensic examination of user activity logs).

Through such user activity monitoring, Computershare may well have avoided the litigation costs and reputational damage associated with this recent case.

External

This content is provided by an external author without editing by Finextra. It expresses the views and opinions of the author.

Join the Community

21,951
Expert opinions
44,041
Total members
412
New members (last 30 days)
163
New opinions (last 30 days)
28,660
Total comments

Trending

Kyrylo Reitor

Kyrylo Reitor Chief Marketing Officer at International Fintech Business

Future of SPI in Poland

Now Hiring