insights: in data loss - apvera · the infographic above demonstrates the threat mitigation life...
TRANSCRIPT
Insights: In Data LossAvoiding a “Panama Papers” Episode
Lessons must be learnt from the Panama Papers fiasco, where 11.5 million documents (2.6 TB data, mostly emails) were leaked from the internal database of Panamanian law firm Mossack Fonseca. Almost 40 years of confidential financial information, identifying numerous high-ranking govern-ment and public officials from around the world, was last year disclosed online by the International Consortium of Investigative Journalists (ICIJ).
Using e-discovery tools, like those employed in the forensics pursuit of illegal activities such as insider trading and tax evasion; ICIJ uncovered why key political figures – such as Sigmundur David Gunnlaugsson, the Prime Minister of Iceland; David Cameron, the Prime Minister of the United Kingdom and Vladimir Putin, the President of Russia – have all been subject to significant scrutiny; and prominent international organizations are now being investigated for fraudulent and criminal behaviour.
apvera.com
Insights Data Loss Prevention
How did Panama Papers Episode happen?
“Organizations should fully understand the magnitude,
intensity and acceleration of technology risks
over the past 12 months. They should implement
robust insider threat management systems as well as
compliant operating processes to mitigate these risks."
MOSSAKFONSECA
Personal
Information
FinancialData
DATACOLLECTION
MaliciousInsider
DATAEXPOSED
Lack ofVisibility &Controls
DataStored
2.6 TBData Leak
Why Insight 360™
11.5 million documents 2.6 TB data of mostly emails were leaked from Panamanian law firm Mossack Fonseca. Private, sensitive financial information of prominent international organisations and key political figures and were compromised. Many are now being investigated for criminal and fraudulent behaviour.
Apvera Insight 360™ uses artificial intelligence and machine-learning based User & Entity Behaviour Analytics plus a highly integrated Intrusion Detection & Protection System capabilities to protect against internal and external threats, malicious actors, ihherent vulnerabilities and complex cyber security attacks.
Data Loss Prevention delivers visibility, movement, access and prevention of data loss in one integrated analytics behavioral platform.
Benefits • Beyond Perimeter Protection • Frictionless Deployment • End to End Policy Control • Sensitive Asset Protection
apvera.com
Reputational damage, can you or your customers bear it The cold, hard truth is the reputation of family offices, hedge funds and fiscal empires are fickle. It takes very little to reverse decades of good intentions, charitable actions and business best practice, just ask Mossack Fonseca.
Insights Data Loss Prevention
International regulations and complianceHow far reaching can a breach be to your business, and what are your legal obligations to risk management across the different jurisdictions of your own, and your customers’ regional offices? Typically, senior manage-ment and the board are legally responsible.
Proliferation of the devicesIncreasingly cyber security criminals are operating more sophisticated attacks that take advantage of mobiles, printers, IoT (Internet of Things) devices; consequently targeting innocent and inexperienced victims inside prominent business and government organizations.
Modernizing corporate data policies As traditional networking and security solutions are considered ineffective, a new approach is required. Public WiFi, refreshing passwords and public cloud usage policies need to be revaluated. End user education is paramount.
User and entity based behavioral analytics By leveraging artificial intelligence and machine-learning algorithms, malicious activity that would otherwise go unnoticed can be exposed. By applying forensic and analytic techniques, like those used ‘after the event’ in the Panama Papers, anomalous internal/external behavior can be found through real-time, live, deep-packet inspection.
Always protect your most valuable assets The data owned by your business - financials, client related information, employee records etc. - is probably your most valuable asset. Whether your reputation is at risk from confidential information being made public or if its important data being stolen to commit fraud, a comprise to your online systems could lead to huge losses. Protect your data with adequate cyber security measures.
Monitor unusual network activity and malicious Insider ThreatProtect against irregular data exfiltration, whether it be 2.6TB stolen in one hit, or in small batches sent to a suspicious destination Internet address over an extended period. Non-intrusive oversights can help prevent against innocent mistakes, such as Phishing & Ransomware exposures, or even mitigate the chance of more intentional, premeditated insider attacks (e.g. IP, financial or personal data theft).
Classify your most sensitive data ‘Not all data is considered equal’, nor should it be safeguarded in the same way. Micro-segmentation, encryp-tion-at-rest, and physical asset segregation are but a few techniques that can be employed to deter abuse of privileged access and Insider Data Exfiltration.
How might this breach have been avoided?
What could have been done to mitigated the breach?
The breach at Mossack Fonseca could have been avoided through proactive deployment of intrusion analytics, user & entity behavioural analytics (UEBA), and data loss prevention (DLP). Combining industry best practices for these three cyber security techniques; Apvera Insight 360™ delivers DLP visibility, movement, access and prevention in one sophisticated platform.
Protect your business from online compromises with Apvera Insight 360™
Apvera is a next generation threat intelligence platform that aims to enable organizations to deliver Insight into user behavioral usage patterns. We help companies understand enterprise security by focusing on user interaction levels and relationships with services and applications that may be deemed a threat; ensuring compliance with IT policies. Apvera leverages analytics to anticipate and prevent security breaches by identifying irregularities in usage behavior.
Insights Data Loss Prevention
apvera.com
Key Features and Benefits
Sensitive Asset Protection
all high value assets with fine grained
access intelligence, adding an invaluable
additional layer of security on top of existing
industry standard windows & active directory policies.
End to End Policy Control
Policy engine that enables contextual network access control across any device
that traverses the environment. Contextual controls are
based on multiple variables, including user, time, location,
access, and device.
Frictionless Deployment
Agent and cloud API based approaches lack the ability to
measure risk across larger distributed environments. Non-intrusive plug & learn
sensor-based technologies allow for device agnostic granular policies across any context.
Allow organizations to monitor, alert, analyze, investigate,
respond, share, and detect known and unknown threats regardless of organizational
size or skill set, widening the circle of protection
on premise and in the cloud.
Beyond the Perimeter
Gain actionable intelligence empowers organizations with crucial insights and enables to anticipate
Find granular enforceable activities related to user, device, keywords, location, and applications
Uncover broad internal and external public misuses of data, exposures and exfiltration
Understand the extent of compliant and rogue application adoption and usage
Discover actionable anomalous employee behavior by checking against historical patterns
Pinpoint threatening users, devices and risky user transactions caused by advanced persistent threats
Find DLP offers an extra layer of data security on top of industry standard AD and windows policies
Address compliance and legal hold requirements through insightful risky behavior and threat analysis
Insights Data Loss Prevention
DATACLASSIFICATION
Employee
Content
Application
Network
DeviceEmployeeDevices
3rd PartyApplications
Sensor
On-Premiseor Cloud
DATACOLLECTION
AdvancedCorrelation
PatternDetection
BehavioralAnalytics
HistoricalContext
EVENTWAREHOUSE
Policy
Visualization &Governance
who . what . when . where . how
UNITED STATES2443 Fillmore St Suite #380-7232San Francisco, CA 94115
+1 415 891 2270
SINGAPORE#07-11 Blk 71 Ayer Rajah CrescentSingapore, 139551
+65 3158 8697 [email protected]
HONG KONG4/F, C Wisdom Centre37 Hollywood RoadHong Kong S.A.R.
+852 5803 2940
Where Apvera Steps In
The infographic above demonstrates the threat mitigation life cycle and how Apvera Insight 360™ can be installed inside a business’s existing network. Whether your objective is to assess risks, enforce policies, or discover and secure sensitive content in your environment, the platform can give you a simple, real time view of your network, highlighting any potential risks. It also includes predictive technology that will alert you when an online activity or behaviour is suspicious before it escalates into something more serious.