2013 Insider Threat to Banks and Credit Unions – Data Leakage

The following is an excerpt from an article regarding the “Top IT Security Threats for 2013”

“One of the areas we see a dramatic increase of concern is over data leakage,” says Michael Bruck of Chicago-based BAI Security.  “The ease in which an individual can export sensitive information from an internal network is chilling for many institutions.  We often conduct such evaluations during our Security Audit program and demonstrate just how easy and undetectable the process can be in most environments.”  Even with the headlines and various forms of education on this subject, BAI Security recently reported that as many as 40% of institutions responded in a recent survey that they were concerned their organization has been a victim of data leakage.

As noted by many security experts, you can’t detect what you’re not monitoring for on your network.  “The technology exists widely today and is used in many larger institutions, but we’ve only seen Data Leakage Protection (DLP) technology in use at smaller institutions in recent years as the cost has decreased” as Mr. Bruck points out.  DLP is also being added to other common managed services used by smaller institutions, such as Managed Security Services, which already monitor firewall and intrusion detection systems.

While the focus here is insider threats, Data Leakage Protection (DLP) is also an additional tool to detect and alert on malicious activity from external threats that have already compromised internal systems.

Posted in BAI Security Blog, IT Assessment Tools and tagged , , , , , , , , , , .