Protecting intellectual property (IP) is critical to business survival. It’s what sets companies apart from their competition, framing the business, its purpose and growth potential. While losing customer data damages a brand’s reputation, trust and even bottom line, losing IP can threaten a company’s very existence. Therefore, preventing valuable corporate information from falling into the wrong hands is fundamental.
Just as identity theft represents a huge risk for individuals, organised groups of fraudsters are always on the lookout for new ways to exploit both public and private sector organisations. The PWC 2020 Economic Crime Survey reported that 47% of companies polled had experienced fraud in the past 24 months with an average of 6 incidents per company, with one of the most common being cybercrime. And the total cost of these crimes – a whopping US$42 billion!
As the threat landscape continues to evolve, and cybercriminals are increasingly focussing their attention on high value targets, organisations relying on securing their networks with traditional techniques such as antivirus and firewalls, may find they have gaps in their security strategy which leaves them open to dangerous exposure. Defending against today’s attacks requires a new way of thinking.
Company data being stolen – often unknowingly
The inherent mobility of today’s workforce is making it very challenging for organisations to have control of their IT infrastructure while meeting the privacy and security needs of these endpoints. A high proportion of device transactions take place in the background, without the user’s knowledge and this can often result in company data unknowingly being sent to countries where a high number of cyberattacks originate. To prevent this, we need to look at the problem in a new way, taking more of a preventative approach which focuses on the data leaving the device.
Hackers have become increasingly sophisticated, attacking organisations from all directions. Consider attacks on mobile devices alone; in 2018, there were an estimated 116.5 million malicious mobile software attacks and it’s expected that these types of attacks will increase by 50% in 2020. Malicious actors profile employee behaviour to gain insight into corporate networks and provide information that can be useful for targeted attacks. To mitigate these risks, companies must be able to detect unusual behaviour and block it before it’s too late.
Detecting unusual behaviour and shutting it down
Traditionally, organisations have relied on firewalls and ant-virus solutions to block threats and remove known infections, yet despite their popularity, this approach has done little to prevent the cyberattacks we see today. It’s inevitable that attackers will infiltrate the company network at some point and when this happens it’s critical that they are disarmed – preventing the transmission of data from one device to another through data exfiltration techniques. Because modern attacks are predicated on the ability to communicate with third party servers to steal data, it’s crucial that any cybersecurity solution is able to monitor, detect and prevent the unauthorized transmission of such data in real-time.
To ensure maximum protection of company IP, organisations need a multi-layered defense system that prevents data loss as well as unauthorised data profiling and collection. History tells us that cybercriminals will always find a way to get into a company’s network so the focus must be on preventing them from removing confidential data.
Dr Darren Williams, Founder and CEO of BlackFog
Join our free-to-attend digital event, Last Thursday in Privacy, addressing data protection, privacy and security challenges including working from home, COVID-19, global regulations and more. Visit https://digital.privsec.info/.
We have been awarded the number 1 GDPR Blog in 2019 by Feedspot.