The numbers from the 2019 Verizon Data Breach Investigations report are not reassuring.
- 67% increase in Impersonation/Business Email Compromise (BEC) attacks. Of these 83% resulted in direct loss
- 94% of companies experienced email-based phishing attacks
- 88% experienced email-based spoofing of business partners or vendors
- 71% experienced a malicious attack, spread by employees
- 53% experienced business disrupting email-based ransomware attack
What’s worse, 56% of data breaches took months or longer to discover. You’re infected and you don’t even know!
For Insider Theft, over half (56%) of cases involved the use of attachments in emails outside of the company, while 26% of thieves took the physical route and printed out the info. USBs and memory sticks accounted for just six per cent
Your own communication systems (email, IM, social media) are your greatest weakness as it is an open highway, enabling insider risk or allowing outsiders to gain access & ex-filtrate sensitive data.
Solutions in the past have failed to effectively monitor communications data because of the sheer volume of false positives generated by DLP systems.
Overwhelming false positives and the lack of sophistication has meant that insider risk behaviors, such as disgruntled employees, or outside interference cannot be targeted. Additionally, incidents cannot be understood quickly.
Machine learning uncovers behavior and isolates intent
Employee behaviors are strong leading indicators of risk. Knowing when an employee, with access to important systems or data, is disgruntled or planning on leaving is valuable. Knowing early is priceless.
Whether your employee is disgruntled, departing, colluding with another firm, being coerced or simply has been hacked because of a phishing email, you need to know. And you need to know early.
Catelas layers algorithms including relationship forensics, behavioral analytics and content analytics, within a machine learning framework, to uncover these risks. With a less than 10% false positive rate, your incident response team is focused on real issues, not lost in the noise generated by previous generation of DLP solutions.
Privacy & Big Brother versus Protecting your Business
Your own employees and the email used to conduct the business of the firm represent the greatest risk of data loss. Yet, monitoring employee email represents legal and HR challenges.
Catelas uses AI based algorithms to monitor employee behavior and their email, in a non-intrusive way, that protects their privacy while protecting your business.
"Security incidents always come down to people. What they know and who they are telling. The way that Catelas uncovers relationships and visually displays how people are linked together makes them a must-have for any Security Investigations team."− Scott Emery, former Head of Investigations, State Street Bank
The Fines are Massive
U.S. hotel group Marriott has become the second firm to face a massive GDPR fine as the U.K. regulator continues on its rampage. The hotel group, which suffered a breach last year, could face a fine of over $123 million. The latest ICO fine comes after U.K. airline British Airways was hit with an even larger penalty of $229 million yesterday.
The BA fine was the biggest ever issued by the ICO and the first under the EU Update to General Data Protection Regulation (GDPR). Before BA, the largest fine issued by the ICO was £500,000. But under GDPR, firms can be fined up to 4% of turnover
Early Detection is key
Catelas fills gaps that exist in your current defenses today. We look for behaviors and indicators of intent to predict which insiders pose a threat to your business. We look at ever piece of communication both internally and externally to identify insider risk. We then present that in a way to allow you to investigate and triage fast.
Catelas Insider Risk Surveillance consistently delivers a better than 90% reduction in false positives, while identifying instances of insider risk across the business. Alerts are are focused, easily understood and quickly assessed.
Catelas uses patented behavioral algorithms to risk score each individual in your firm. We look at how they behave, what they say (NLP) and to whom they say it (Relationship Forensics).
Behavior is tracked over time and anomalies detected. These early indicators of risk help firms get ahead of issues early and protect the firm before it becomes costly.
Catelas can be deployed on premise or consumed as a service through our cloud based hosted platform.