Has the pandemic and remote working created an environment of heightened risk of insider data breaches? Here, Darren Cooper, Chief Technology Officer (CTO) for Egress, speaks to Security magazine about what organizations can do to prevent data loss. 

 

Security: What is your background and current role?

Cooper: I am the CTO for Egress, where I’m responsible for product innovation and leading the strategic technical direction of the company. Prior to this, I was Egress’ VP of Product Architecture, and in total I have been with the company for over four years. Before joining Egress, I spent over 16 years at Vodafone, where I was the technical design authority working end to end across custom solutions for enterprise customers.

 

Security: What challenges are organizations experiencing with data and data loss?

Cooper: Organizations are fighting a daily battle against data loss. Our recent 2021 Data Loss Prevention Report found that an overwhelming 95% of organizations have experienced data loss in the last year. It’s email that poses the highest risk, with 83% of IT leaders surveyed reporting that they’d suffered email data breaches. Human error is at the root of a significant proportion of these data loss incidents – for example, employees sending misdirected emails containing sensitive data because Outlook autocomplete suggested an incorrect recipient, or attaching the wrong file because they were in a rush to get information sent by a deadline. In fact, our research found that almost one-quarter of email data loss was caused by an employee sharing data in error. When you consider the vast amount of data that employees are sharing via email each and every day, you can start to see the true scale of the risk.

Traditional email DLP tools are a big part of the reason why data loss remains a challenge. Our research found that 79% of IT leaders have deployed static DLP tools to try to protect data. However, every single one of them also reported that they were frustrated by their tools. Furthermore, these tools offer only patchy protection. When asked, 42% of IT leaders said that their DLP tool wouldn’t detect half of all incidents. Many organizations simply aren’t adequately protected against email data loss.

 

Security: Are organizations at increased risk for email data breaches, especially with the pandemic?

Cooper: The risk is certainly growing as a result of the pandemic. Since we moved to a model of mass remote working, we’re all relying on digital communication more than ever before. Employees have turned to a host of digital tools, from Teams to video conferencing, but it’s email that’s proven the most popular. This was evidenced in our report, which found that 85% of employees indicated that they’re sending more emails now than they did before the pandemic. Larger email volumes, particularly over a sustained period of time, have broadened the surface area for risk, meaning that a larger number of email data breaches are occurring. IT leaders agreed, with 59% reporting that they’ve experienced an increase in email data loss since the pandemic began.

 

Security: Has the pandemic created an environment of heightened risk of insider data breaches?

Cooper: The pandemic has created working conditions which are a perfect environment for human error. Our research found that 60% of remote employees are still working in environments where distractions and interruptions happen frequently, such as shared communal areas at home. Employees are being bombarded with distractions, from home schooling to delivery drivers at the door and pets in need of attention. It’s no surprise that one-fifth of IT leaders in our survey pointed to distracted remote workers as the cause of the increased data loss they’re seeing.

Furthermore, after a year of remote working, employees are struggling. Our research revealed that 73% of remote workers are feeling worse as a result of remote working during the pandemic. We all know how easy it is to make mistakes when you’re feeling tired or stressed, and this is having a real impact on risk, particularly employees inadvertently causing a data breach. Now take that individual risk and multiply it across the entire remote workforce.

This new, heightened level of risk won’t go away as the pandemic subsides– remote and hybrid working is here to stay. Many employees have proven that their jobs can be done from home, and it’s unlikely that the old way of working – five days a week in the office – will return. So, this is an issue that organizations need to tackle in the long term, not just for now.

 

Security: What best practices can IT/security leaders implement to help prevent insider data breaches?

Cooper: Security leaders need to recognize that human error is inevitable and implement a strategy with this in mind. They need to utilize a combination of training and technology if they want to mitigate the risk of insider data breaches. Training is always useful as it helps to educate employees on the security risks they’re encountering on a daily basis. It helps to create awareness, but also it helps to build a culture of engagement, which is key. Educated, engaged employees can spot and mitigate a proportion of security risks, but in truth there’s only so far that training alone can take you. That’s where technology comes in – but not using the traditional technologies!

Organizations need to implement advanced DLP solutions, which utilize contextual machine learning, if they want to effectively mitigate the risk of human-activated data breaches. Unlike traditional tools, advanced DLP technology can genuinely detect risky behaviors, such as sending an email to the wrong address, and alert the user before an incident can occur. By only prompting users when a genuine risk is detected, advanced DLP solutions can mitigate the increased risk of data breaches without getting in the way of employee productivity.