SlideShare uma empresa Scribd logo

Humans Are The Weakest Link – How DLP Can Help

Transferir como PPTX, PDF
Valery Boronin
Valery Boronin

SAS 2012 Official Video is available at http://www.youtube.com/watch?v=Vr8lmIhc0pk Abstracts: All companies are invested in security, but far from all came to realize: employees’ awareness and education are the key factors to improve information protection and prevent data leaks. You can install most powerful DLP, encryption and other security tools, hire a lot of security officers and consulters to tune your business processes, eventually waste a lot of money and resources at security issues, but if end-users don’t understand threats, don’t know rules – they cannot follow internal policies and regulations, cannot correctly use appropriate tools. It’s all for nothing. Efficient information security strategy is to create a culture of awareness and enforcement – culture where users understand the consequences. This session is about 3 main things: 1) What is user awareness in information security? 2) Why user awareness is required? 3) How to raise user awareness and what are key factors. Practical recommendations for security user awareness program adopters and practitioners will be given. Role of the DLP in raising user awareness will be highlighted. Related links: http://www.youtube.com/watch?v=vXlyuGXAZzU – Valery Boronin on Data Luxury Protection at DLP Russia 2011 (in Russian)

TecnologiaNegócios
1 de 27
Click to edit Master title style Humans Are The Weakest Link – How DLP Can Help Valery Boronin, Director DLP Research Vera Trubacheva, System Analyst DLP Research, R&D, Kaspersky Lab February 3, 2012 Cancun, Mexico, Ritz-Carlton Hotel
Click to edit Master title style Agenda 1. DLP to date 2. Key challenge 3. User awareness 1. What is it? 2. Why is it required? 3. How to raise it? 4. How DLP could help? 4. Q&A
DLP to date Master title style Click to edit Customers want: Customers receive: 1. Easy 1. Complicated 2. Convenient 2. Inconvenient 3. Reliable 3. Unreliable 4. Cheap 4. Expensive Gartner research estimates that more than 800 technology vendors and other providers currently have data security offerings. Numerous nontechnical controls are also available. The difficulty of understanding all these options, their benefits and their challenges tends to lead to enterprises using limited subsets of the available tools and having serious gaps in controls and risk mitigation Typical Elements of an Enterprise Data Security Program, Gartner, Aug 2009 Page 3 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Key Challenge is the Complexity Click to edit Master title style Technologies Data Expertise & Tools Luxury People Protection Processes Page 4 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Accusation against title style Click to edit Master DLP 1.0 No user awareness in DLP 1.0 Claim 1: Raising user awareness. Claim 2: Control of education efficiency. Mock trial Page 5 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
What to userMaster title style Click is edit awareness? User awareness is making users aware of information security policies, threats, mitigating controls Security education Childhood Work Page 6 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Why is user awareness required? Click to edit Master title style 1. It is required by law See Appendix 1 Page 7 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Why is user awareness required? Click to edit Master title style 2. To protect the weakest link in security – the human Page 8 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Why is user awareness required? Evidence 1 Click to edit Master title style Guess what this is: • 12345 • qwerty • 11111 • abc123 • admin Page 9 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Why is user awareness required? Evidence 2 Click to edit Master title style Page 10 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Why is user awareness required? Evidence 3 Click to edit Master title style Security incidents The weakest link in security is human! 100% Target of all 90% successful APT attacks is a user Exploits need a 75% (Mandiant) user interaction (Symantec) Human factor 60% Accidental mistakes (InfoWatch) Page 11 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Why is user awareness required? Click to edit Master title style 3. To reduce huge costs! $7,2 billion per data breach in 2010 $56,165 for a lost notebook in 2010 You could buy a yacht like this for one data breach Page 12 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
How to raiseMaster title style Click to edit user awareness? Recognize the problem Page 13 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
How to raiseMaster title style Click to edit user awareness? Get top management support Page 14 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
How to raiseMaster title style Click to edit user awareness? Know your data Page 15 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
How to raise user awareness? Click to edit Master title style Prepare clear, simple instructions Page 16 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
What to edit Master title style Click to teach? 1.Security basics 2.Corporate policy rules 3.Incident response Page 17 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
How to teach? Click to edit Master title style Use different ways See Appendix 2 Page 18 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Key Factor 1Master title style Click to edit Explain Page 19 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Key Factor 2Master title style Click to edit Measure results before and after Page 20 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Key Factor 3Master title style Click to edit Explain consequences for secure and unsecure behavior Page 21 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Members of the Jury: Time for Action Click to edit Master title style Poll of the Jury Page 22 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Courtto edit Master title style Click Decision: Verdict DLP 1.0 must 1. Raise user awareness 2. Control education efficiency Page 23 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Click to edit Master title style Humans Are The Weakest Link – How DLP Can Help Thank you! Raise User Awareness! Valery Boronin Vera Trubacheva Director DLP Research System Analyst, DLP Research Kaspersky Lab Kaspersky Lab Valery.Boronin@kaspersky.com Vera.Trubacheva@kaspersky.com +7 495 797 8700 x4200 +7 495 797 8700 x4201
Appendix 1 Master title style Click to edit For compliance with laws and regulations: • Payment Card Industry Data Security Standard (PCI DSS) • Federal Information System Security Managers Act (FISMA) • Health Insurance Portability and Accountability Act (HIPAA) • Gramm-Leach-Bliley Act (GLBA) • Sarbanes-Oxley Act (SOX) • EU Data Protection Directive • National Institute of Standards and Technology (NIST 800-53) • International Organization for Standardization: ISO/IEC 27001 & 27002 • Control Objectives for Information and Related Technology (CoBiT 4.1) • Red Flag Identity Theft Prevention • Personal Information Protection and Electronic Documents Act (PIPEDA) • Management of Federal Information Resources (OMB Circular A-130) • Some state breach notification laws (ie Massachusetts 201 CMR 17.00) • Стандарт Банка России по обеспечению информационной безопасности организаций банковской системы Российской Федерации (СТО БР ИББС) Page 25 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Appendix 2 Master title style Click to edit • Security topics • E-mail etiquette • Social Engineering • Clean Desk • Protecting Sensitive Information • Strong Password • Data owners • Internet • Identity theft • Personal use • Protecting data • Mobile security Page 26 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
Appendix 3 Master title style Click to edit Sources of Awareness Material: • CERT • Ponemon Institute • ISSA • The university of Arizona • NIST SP 800-50 and NIST SP 800-16 • SANS (presentations, Security Awareness Newsletters, training) • InfoSecurityLab (posters, Wallpapers & Screensavers, Newsletters) Page 27 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012

Recomendados

Data loss prevention (dlp)
Data loss prevention (dlp)Data loss prevention (dlp)
Data loss prevention (dlp)Hussein Al-Sanabani
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Symantec DLP for Tablet
Symantec DLP for TabletSymantec DLP for Tablet
Symantec DLP for TabletSymantec
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
 
2010 za con_stephen_kreusch
2010 za con_stephen_kreusch2010 za con_stephen_kreusch
2010 za con_stephen_kreuschJohan Klerk
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelIntel - API Security & Tokenization
 

Recomendados

Data loss prevention (dlp)
Data loss prevention (dlp)Data loss prevention (dlp)
Data loss prevention (dlp)Hussein Al-Sanabani
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityPriyanka Aash
 
Symantec DLP for Tablet
Symantec DLP for TabletSymantec DLP for Tablet
Symantec DLP for TabletSymantec
 
ISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting GroupISSA DLP Presentation - Oxford Consulting Group
ISSA DLP Presentation - Oxford Consulting Groupaengelbert
 
2010 za con_stephen_kreusch
2010 za con_stephen_kreusch2010 za con_stephen_kreusch
2010 za con_stephen_kreuschJohan Klerk
 
Overview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyOverview of Data Loss Prevention (DLP) Technology
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz abdeen data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelIntel - API Security & Tokenization
 
Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from SymantecArrow ECS UK
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak preventionAriel Evans
 
DLP customer presentation
DLP customer presentationDLP customer presentation
DLP customer presentationMedley India Infosolution Pvt Ltd
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
 
Data Leakage Prevention
Data Leakage Prevention Data Leakage Prevention
Data Leakage Prevention Dhananjay Aloorkar
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive OverviewKim Jensen
 
Kyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss PreventionGary Bahadur
 
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec
 
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Network Intelligence India
 
DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaksAbhishek Sood
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 
Data Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
Data Loss Prevention in SharePoint 2016 Webinar with Crow CanyonData Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
Data Loss Prevention in SharePoint 2016 Webinar with Crow CanyonVlad Catrinescu
 
DLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsDLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
 
Dlp notes
Dlp notesDlp notes
Dlp notesanuepcet
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLPYun Lu
 
Securing Your Data for Your Journey to the Cloud
Securing Your Data for Your Journey to the CloudSecuring Your Data for Your Journey to the Cloud
Securing Your Data for Your Journey to the CloudLiwei Ren任力偉
 
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...Andris Soroka
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLPRobert Kloots
 
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)Global Business Events
 
Catalogo Portachiavi Per Auto
Catalogo Portachiavi Per AutoCatalogo Portachiavi Per Auto
Catalogo Portachiavi Per AutoAlessio Astolfi
 

Mais conteúdo relacionado

Mais procurados

Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from SymantecArrow ECS UK
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak preventionAriel Evans
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive OverviewKim Jensen
 
Kyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss PreventionGary Bahadur
 
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec
 
DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaksAbhishek Sood
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 
Data Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
Data Loss Prevention in SharePoint 2016 Webinar with Crow CanyonData Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
Data Loss Prevention in SharePoint 2016 Webinar with Crow CanyonVlad Catrinescu
 
DLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsDLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLPYun Lu
 
Securing Your Data for Your Journey to the Cloud
Securing Your Data for Your Journey to the CloudSecuring Your Data for Your Journey to the Cloud
Securing Your Data for Your Journey to the CloudLiwei Ren任力偉
 
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...Andris Soroka
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLPRobert Kloots
 

Mais procurados (20)

Data Loss Prevention from Symantec
Data Loss Prevention from SymantecData Loss Prevention from Symantec
Data Loss Prevention from Symantec
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak prevention
 
DLP customer presentation
DLP customer presentationDLP customer presentation
DLP customer presentation
 
Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)Best Practices for Implementing Data Loss Prevention (DLP)
Best Practices for Implementing Data Loss Prevention (DLP)
 
Data Leakage Prevention
Data Leakage Prevention Data Leakage Prevention
Data Leakage Prevention
 
DLP Executive Overview
DLP Executive OverviewDLP Executive Overview
DLP Executive Overview
 
Kyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epoKyle Taylor – increasing your security posture using mc afee epo
Kyle Taylor – increasing your security posture using mc afee epo
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention
 
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11
 
Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)Data Leakage Prevention (DLP)
Data Leakage Prevention (DLP)
 
DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks DLP 101: Help identify and plug information leaks
DLP 101: Help identify and plug information leaks
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
 
Data Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
Data Loss Prevention in SharePoint 2016 Webinar with Crow CanyonData Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
Data Loss Prevention in SharePoint 2016 Webinar with Crow Canyon
 
DLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsDLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and Algorithms
 
Dlp notes
Dlp notesDlp notes
Dlp notes
 
Information Leakage & DLP
Information Leakage & DLPInformation Leakage & DLP
Information Leakage & DLP
 
Securing Your Data for Your Journey to the Cloud
Securing Your Data for Your Journey to the CloudSecuring Your Data for Your Journey to the Cloud
Securing Your Data for Your Journey to the Cloud
 
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
DSS ITSEC 2013 Conference 07.11.2013 - For your eyes only - Symantec PGP Re-L...
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage Presentation
 
Metrics, Risk Management & DLP
Metrics, Risk Management & DLPMetrics, Risk Management & DLP
Metrics, Risk Management & DLP
 

Destaque

InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)Global Business Events
 
Catalogo Portachiavi Per Auto
Catalogo Portachiavi Per AutoCatalogo Portachiavi Per Auto
Catalogo Portachiavi Per AutoAlessio Astolfi
 
DLP 9.4 - новые возможности защиты от утечек
DLP 9.4 - новые возможности защиты от утечекDLP 9.4 - новые возможности защиты от утечек
DLP 9.4 - новые возможности защиты от утечекVladyslav Radetsky
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge Pereira
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Symantec
 
Управление инцидентами информационной безопасности с помощью DLP Solar Dozor
Управление инцидентами информационной безопасности с помощью DLP Solar DozorУправление инцидентами информационной безопасности с помощью DLP Solar Dozor
Управление инцидентами информационной безопасности с помощью DLP Solar DozorSolar Security
 

Destaque (6)

InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
 
Catalogo Portachiavi Per Auto
Catalogo Portachiavi Per AutoCatalogo Portachiavi Per Auto
Catalogo Portachiavi Per Auto
 
DLP 9.4 - новые возможности защиты от утечек
DLP 9.4 - новые возможности защиты от утечекDLP 9.4 - новые возможности защиты от утечек
DLP 9.4 - новые возможности защиты от утечек
 
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
Edge pereira oss304 tech ed australia regulatory compliance and microsoft off...
 
Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14Introducing Data Loss Prevention 14
Introducing Data Loss Prevention 14
 
Управление инцидентами информационной безопасности с помощью DLP Solar Dozor
Управление инцидентами информационной безопасности с помощью DLP Solar DozorУправление инцидентами информационной безопасности с помощью DLP Solar Dozor
Управление инцидентами информационной безопасности с помощью DLP Solar Dozor
 

Semelhante a Humans Are The Weakest Link – How DLP Can Help

Humans Are The Weakest Link – How DLP Can Help?
Humans Are The Weakest Link – How DLP Can Help?Humans Are The Weakest Link – How DLP Can Help?
Humans Are The Weakest Link – How DLP Can Help?Vera Trubacheva
 
Big data - teams not technology
Big data - teams not technologyBig data - teams not technology
Big data - teams not technologyUpside Energy Ltd
 
DDN Accelerating-Decisions-Through-Enterprise-Hadoop-final
DDN Accelerating-Decisions-Through-Enterprise-Hadoop-finalDDN Accelerating-Decisions-Through-Enterprise-Hadoop-final
DDN Accelerating-Decisions-Through-Enterprise-Hadoop-finalIntelHealthcare
 
The Key to Effective Analytics: Fast-Returning Queries
The Key to Effective Analytics: Fast-Returning QueriesThe Key to Effective Analytics: Fast-Returning Queries
The Key to Effective Analytics: Fast-Returning QueriesEric Kavanagh
 
Why there is no future for Model Driven Development
Why there is no future for Model Driven DevelopmentWhy there is no future for Model Driven Development
Why there is no future for Model Driven DevelopmentJohan den Haan
 
Sunrise Presentation, Company Overview 2012
Sunrise Presentation, Company Overview 2012Sunrise Presentation, Company Overview 2012
Sunrise Presentation, Company Overview 2012jvangombos
 
[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf
[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf
[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdfDataScienceConferenc1
 
Sira insights from cloud vendor risk assessments
Sira insights from cloud vendor risk assessmentsSira insights from cloud vendor risk assessments
Sira insights from cloud vendor risk assessmentsCary Sholer
 
Dynamic Data Masking - Breakthrough Innovation in Application Security
Dynamic Data Masking - Breakthrough Innovation in Application SecurityDynamic Data Masking - Breakthrough Innovation in Application Security
Dynamic Data Masking - Breakthrough Innovation in Application SecurityDobler Consulting
 
The New Database Frontier: Harnessing the Cloud
The New Database Frontier: Harnessing the CloudThe New Database Frontier: Harnessing the Cloud
The New Database Frontier: Harnessing the CloudInside Analysis
 
Dell Software: An Opportunity for Channel Partners
Dell Software: An Opportunity for Channel Partners Dell Software: An Opportunity for Channel Partners
Dell Software: An Opportunity for Channel Partners Dell World
 
Service production from d3 pitfall viewpoint
Service production from d3 pitfall viewpointService production from d3 pitfall viewpoint
Service production from d3 pitfall viewpointWalter Liu
 
Ron Kasabian - Intel Big Data & Cloud Summit 2013
Ron Kasabian - Intel Big Data & Cloud Summit 2013Ron Kasabian - Intel Big Data & Cloud Summit 2013
Ron Kasabian - Intel Big Data & Cloud Summit 2013IntelAPAC
 
Peopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashupsPeopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashupsJusto Hidalgo
 
DataOps - Big Data and AI World London - March 2020 - Harvinder Atwal
DataOps - Big Data and AI World London - March 2020 - Harvinder AtwalDataOps - Big Data and AI World London - March 2020 - Harvinder Atwal
DataOps - Big Data and AI World London - March 2020 - Harvinder AtwalHarvinder Atwal
 
Real-World Data Governance: Tools of Data Governance – Purchased and Develope...
Real-World Data Governance: Tools of Data Governance – Purchased and Develope...Real-World Data Governance: Tools of Data Governance – Purchased and Develope...
Real-World Data Governance: Tools of Data Governance – Purchased and Develope...DATAVERSITY
 
ElizabethPrattConsulting_DellPortfolio
ElizabethPrattConsulting_DellPortfolioElizabethPrattConsulting_DellPortfolio
ElizabethPrattConsulting_DellPortfolioLiz Pratt
 
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...Denodo
 
Extreme SSAS - Part I
Extreme SSAS - Part IExtreme SSAS - Part I
Extreme SSAS - Part IItay Braun
 

Semelhante a Humans Are The Weakest Link – How DLP Can Help (20)

Humans Are The Weakest Link – How DLP Can Help?
Humans Are The Weakest Link – How DLP Can Help?Humans Are The Weakest Link – How DLP Can Help?
Humans Are The Weakest Link – How DLP Can Help?
 
Big data - teams not technology
Big data - teams not technologyBig data - teams not technology
Big data - teams not technology
 
DDN Accelerating-Decisions-Through-Enterprise-Hadoop-final
DDN Accelerating-Decisions-Through-Enterprise-Hadoop-finalDDN Accelerating-Decisions-Through-Enterprise-Hadoop-final
DDN Accelerating-Decisions-Through-Enterprise-Hadoop-final
 
The Key to Effective Analytics: Fast-Returning Queries
The Key to Effective Analytics: Fast-Returning QueriesThe Key to Effective Analytics: Fast-Returning Queries
The Key to Effective Analytics: Fast-Returning Queries
 
Why there is no future for Model Driven Development
Why there is no future for Model Driven DevelopmentWhy there is no future for Model Driven Development
Why there is no future for Model Driven Development
 
Sunrise Presentation, Company Overview 2012
Sunrise Presentation, Company Overview 2012Sunrise Presentation, Company Overview 2012
Sunrise Presentation, Company Overview 2012
 
Sunrise presentation
Sunrise presentationSunrise presentation
Sunrise presentation
 
[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf
[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf
[DSC MENA 24] Abdelrahman_Ghallab_-_Data_Product_mgmt.pdf
 
Sira insights from cloud vendor risk assessments
Sira insights from cloud vendor risk assessmentsSira insights from cloud vendor risk assessments
Sira insights from cloud vendor risk assessments
 
Dynamic Data Masking - Breakthrough Innovation in Application Security
Dynamic Data Masking - Breakthrough Innovation in Application SecurityDynamic Data Masking - Breakthrough Innovation in Application Security
Dynamic Data Masking - Breakthrough Innovation in Application Security
 
The New Database Frontier: Harnessing the Cloud
The New Database Frontier: Harnessing the CloudThe New Database Frontier: Harnessing the Cloud
The New Database Frontier: Harnessing the Cloud
 
Dell Software: An Opportunity for Channel Partners
Dell Software: An Opportunity for Channel Partners Dell Software: An Opportunity for Channel Partners
Dell Software: An Opportunity for Channel Partners
 
Service production from d3 pitfall viewpoint
Service production from d3 pitfall viewpointService production from d3 pitfall viewpoint
Service production from d3 pitfall viewpoint
 
Ron Kasabian - Intel Big Data & Cloud Summit 2013
Ron Kasabian - Intel Big Data & Cloud Summit 2013Ron Kasabian - Intel Big Data & Cloud Summit 2013
Ron Kasabian - Intel Big Data & Cloud Summit 2013
 
Peopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashupsPeopleware. Introduction to Enterprise DataMashups
Peopleware. Introduction to Enterprise DataMashups
 
DataOps - Big Data and AI World London - March 2020 - Harvinder Atwal
DataOps - Big Data and AI World London - March 2020 - Harvinder AtwalDataOps - Big Data and AI World London - March 2020 - Harvinder Atwal
DataOps - Big Data and AI World London - March 2020 - Harvinder Atwal
 
Real-World Data Governance: Tools of Data Governance – Purchased and Develope...
Real-World Data Governance: Tools of Data Governance – Purchased and Develope...Real-World Data Governance: Tools of Data Governance – Purchased and Develope...
Real-World Data Governance: Tools of Data Governance – Purchased and Develope...
 
ElizabethPrattConsulting_DellPortfolio
ElizabethPrattConsulting_DellPortfolioElizabethPrattConsulting_DellPortfolio
ElizabethPrattConsulting_DellPortfolio
 
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...
Self Service Analytics and a Modern Data Architecture with Data Virtualizatio...
 
Extreme SSAS - Part I
Extreme SSAS - Part IExtreme SSAS - Part I
Extreme SSAS - Part I
 

Mais de Valery Boronin

Тренды кибербезопасности, угрозы и вызовы в 2018 году
Тренды кибербезопасности, угрозы и вызовы в 2018 годуТренды кибербезопасности, угрозы и вызовы в 2018 году
Тренды кибербезопасности, угрозы и вызовы в 2018 годуValery Boronin
 
SecDevOps. Разработка, DevOps и безопасность.
SecDevOps. Разработка, DevOps и безопасность.SecDevOps. Разработка, DevOps и безопасность.
SecDevOps. Разработка, DevOps и безопасность.Valery Boronin
 
Практика оформления проекта и презентаций
Практика оформления проекта и презентацийПрактика оформления проекта и презентаций
Практика оформления проекта и презентацийValery Boronin
 
SDL/SSDL для руководителей
SDL/SSDL для руководителейSDL/SSDL для руководителей
SDL/SSDL для руководителейValery Boronin
 
PT Application Inspector SSDL Edition product brief
PT Application Inspector SSDL Edition product briefPT Application Inspector SSDL Edition product brief
PT Application Inspector SSDL Edition product briefValery Boronin
 
PT Application Inspector SSDL Edition листовка
PT Application Inspector SSDL Edition листовкаPT Application Inspector SSDL Edition листовка
PT Application Inspector SSDL Edition листовкаValery Boronin
 
Application Inspector SSDL Edition product
Application Inspector SSDL Edition productApplication Inspector SSDL Edition product
Application Inspector SSDL Edition productValery Boronin
 
Построение процесса безопасной разработки - Стачка 2016
Построение процесса безопасной разработки - Стачка 2016Построение процесса безопасной разработки - Стачка 2016
Построение процесса безопасной разработки - Стачка 2016Valery Boronin
 
Valery Boronin on DLP Russia 2010
Valery Boronin on DLP Russia 2010Valery Boronin on DLP Russia 2010
Valery Boronin on DLP Russia 2010Valery Boronin
 
Data Luxury Protection - защита данных с удовольствием!
Data Luxury Protection - защита данных с удовольствием!Data Luxury Protection - защита данных с удовольствием!
Data Luxury Protection - защита данных с удовольствием!Valery Boronin
 

Mais de Valery Boronin (10)

Тренды кибербезопасности, угрозы и вызовы в 2018 году
Тренды кибербезопасности, угрозы и вызовы в 2018 годуТренды кибербезопасности, угрозы и вызовы в 2018 году
Тренды кибербезопасности, угрозы и вызовы в 2018 году
 
SecDevOps. Разработка, DevOps и безопасность.
SecDevOps. Разработка, DevOps и безопасность.SecDevOps. Разработка, DevOps и безопасность.
SecDevOps. Разработка, DevOps и безопасность.
 
Практика оформления проекта и презентаций
Практика оформления проекта и презентацийПрактика оформления проекта и презентаций
Практика оформления проекта и презентаций
 
SDL/SSDL для руководителей
SDL/SSDL для руководителейSDL/SSDL для руководителей
SDL/SSDL для руководителей
 
PT Application Inspector SSDL Edition product brief
PT Application Inspector SSDL Edition product briefPT Application Inspector SSDL Edition product brief
PT Application Inspector SSDL Edition product brief
 
PT Application Inspector SSDL Edition листовка
PT Application Inspector SSDL Edition листовкаPT Application Inspector SSDL Edition листовка
PT Application Inspector SSDL Edition листовка
 
Application Inspector SSDL Edition product
Application Inspector SSDL Edition productApplication Inspector SSDL Edition product
Application Inspector SSDL Edition product
 
Построение процесса безопасной разработки - Стачка 2016
Построение процесса безопасной разработки - Стачка 2016Построение процесса безопасной разработки - Стачка 2016
Построение процесса безопасной разработки - Стачка 2016
 
Valery Boronin on DLP Russia 2010
Valery Boronin on DLP Russia 2010Valery Boronin on DLP Russia 2010
Valery Boronin on DLP Russia 2010
 
Data Luxury Protection - защита данных с удовольствием!
Data Luxury Protection - защита данных с удовольствием!Data Luxury Protection - защита данных с удовольствием!
Data Luxury Protection - защита данных с удовольствием!
 

Último

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 

Último (20)

Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 

Humans Are The Weakest Link – How DLP Can Help

  • 1. Click to edit Master title style Humans Are The Weakest Link – How DLP Can Help Valery Boronin, Director DLP Research Vera Trubacheva, System Analyst DLP Research, R&D, Kaspersky Lab February 3, 2012 Cancun, Mexico, Ritz-Carlton Hotel
  • 2. Click to edit Master title style Agenda 1. DLP to date 2. Key challenge 3. User awareness 1. What is it? 2. Why is it required? 3. How to raise it? 4. How DLP could help? 4. Q&A
  • 3. DLP to date Master title style Click to edit Customers want: Customers receive: 1. Easy 1. Complicated 2. Convenient 2. Inconvenient 3. Reliable 3. Unreliable 4. Cheap 4. Expensive Gartner research estimates that more than 800 technology vendors and other providers currently have data security offerings. Numerous nontechnical controls are also available. The difficulty of understanding all these options, their benefits and their challenges tends to lead to enterprises using limited subsets of the available tools and having serious gaps in controls and risk mitigation Typical Elements of an Enterprise Data Security Program, Gartner, Aug 2009 Page 3 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 4. Key Challenge is the Complexity Click to edit Master title style Technologies Data Expertise & Tools Luxury People Protection Processes Page 4 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 5. Accusation against title style Click to edit Master DLP 1.0 No user awareness in DLP 1.0 Claim 1: Raising user awareness. Claim 2: Control of education efficiency. Mock trial Page 5 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 6. What to userMaster title style Click is edit awareness? User awareness is making users aware of information security policies, threats, mitigating controls Security education Childhood Work Page 6 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 7. Why is user awareness required? Click to edit Master title style 1. It is required by law See Appendix 1 Page 7 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 8. Why is user awareness required? Click to edit Master title style 2. To protect the weakest link in security – the human Page 8 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 9. Why is user awareness required? Evidence 1 Click to edit Master title style Guess what this is: • 12345 • qwerty • 11111 • abc123 • admin Page 9 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 10. Why is user awareness required? Evidence 2 Click to edit Master title style Page 10 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 11. Why is user awareness required? Evidence 3 Click to edit Master title style Security incidents The weakest link in security is human! 100% Target of all 90% successful APT attacks is a user Exploits need a 75% (Mandiant) user interaction (Symantec) Human factor 60% Accidental mistakes (InfoWatch) Page 11 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 12. Why is user awareness required? Click to edit Master title style 3. To reduce huge costs! $7,2 billion per data breach in 2010 $56,165 for a lost notebook in 2010 You could buy a yacht like this for one data breach Page 12 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 13. How to raiseMaster title style Click to edit user awareness? Recognize the problem Page 13 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 14. How to raiseMaster title style Click to edit user awareness? Get top management support Page 14 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 15. How to raiseMaster title style Click to edit user awareness? Know your data Page 15 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 16. How to raise user awareness? Click to edit Master title style Prepare clear, simple instructions Page 16 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 17. What to edit Master title style Click to teach? 1.Security basics 2.Corporate policy rules 3.Incident response Page 17 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 18. How to teach? Click to edit Master title style Use different ways See Appendix 2 Page 18 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 19. Key Factor 1Master title style Click to edit Explain Page 19 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 20. Key Factor 2Master title style Click to edit Measure results before and after Page 20 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 21. Key Factor 3Master title style Click to edit Explain consequences for secure and unsecure behavior Page 21 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 22. Members of the Jury: Time for Action Click to edit Master title style Poll of the Jury Page 22 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 23. Courtto edit Master title style Click Decision: Verdict DLP 1.0 must 1. Raise user awareness 2. Control education efficiency Page 23 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 24. Click to edit Master title style Humans Are The Weakest Link – How DLP Can Help Thank you! Raise User Awareness! Valery Boronin Vera Trubacheva Director DLP Research System Analyst, DLP Research Kaspersky Lab Kaspersky Lab Valery.Boronin@kaspersky.com Vera.Trubacheva@kaspersky.com +7 495 797 8700 x4200 +7 495 797 8700 x4201
  • 25. Appendix 1 Master title style Click to edit For compliance with laws and regulations: • Payment Card Industry Data Security Standard (PCI DSS) • Federal Information System Security Managers Act (FISMA) • Health Insurance Portability and Accountability Act (HIPAA) • Gramm-Leach-Bliley Act (GLBA) • Sarbanes-Oxley Act (SOX) • EU Data Protection Directive • National Institute of Standards and Technology (NIST 800-53) • International Organization for Standardization: ISO/IEC 27001 & 27002 • Control Objectives for Information and Related Technology (CoBiT 4.1) • Red Flag Identity Theft Prevention • Personal Information Protection and Electronic Documents Act (PIPEDA) • Management of Federal Information Resources (OMB Circular A-130) • Some state breach notification laws (ie Massachusetts 201 CMR 17.00) • Стандарт Банка России по обеспечению информационной безопасности организаций банковской системы Российской Федерации (СТО БР ИББС) Page 25 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 26. Appendix 2 Master title style Click to edit • Security topics • E-mail etiquette • Social Engineering • Clean Desk • Protecting Sensitive Information • Strong Password • Data owners • Internet • Identity theft • Personal use • Protecting data • Mobile security Page 26 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012
  • 27. Appendix 3 Master title style Click to edit Sources of Awareness Material: • CERT • Ponemon Institute • ISSA • The university of Arizona • NIST SP 800-50 and NIST SP 800-16 • SANS (presentations, Security Awareness Newsletters, training) • InfoSecurityLab (posters, Wallpapers & Screensavers, Newsletters) Page 27 SAS 2012, DLP Research, Kaspersky Lab February, 3d, 2012

Notas do Editor

  1. Valery brings funny toy to the scene & makes it sitting.Hello everyone.I am veryglad to openConference Day Two. My name is Valery Boronin and, together <pointing gesture to Vera> with Vera Trubacheva, werepresent DLP Research department at Kaspersky Lab.Antimalware technologiesare primarily focused on external threats and have achieved truly outstanding results to date, in many respects this success is due to years of effort by many of you. DLP focuses mainly on internal threatsandthe technology for this is not yet very mature But what is common for both is that a weakest link is always the same.Today, together with you, we will talk about the weakest link in security –the human.We will talkhow DLP can help the Human.
  2. Let’s briefly overview an agenda.We spend a few minutes to figure out Customers’ expectationsin regard to DLP 1.0<pointing gesture to DLP 1.0 toy>, represented by this funny toy as a personification of DLP technologies to date.Then, I’ll describe Key Challenge for DLP vendors, relate it to the topic and deliver it together with Vera. <pointing gesture to Vera> Let’s go!
  3. Valery :Dear friends, our performance is finished. Hope you enjoyed it. Thank you very much for your attention!