You’ve locked the doors, built higher walls, and armed yourself against cyber criminals. But what if the breach that takes you down isn’t outside? What if it’s already inside your business?
Most organisations pour time and resources into fighting malicious actors beyond their virtual walls, yet overlook the ‘friendly fire’ of insider threats. What’s the cost of that blind spot? On average, approx. $22 million AUD per incident, enough to make any leader sit up and pay attention.
You might be thinking, “We’ve got Data Loss Prevention (DLP) in place, so we’re covered.” However, the uncomfortable truth is that 99% of companies are already using traditional DLP solutions, and insider-driven breaches are still on the rise[SD1] . The old playbook isn’t enough anymore.
One thing is clear: change must happen, and it must happen fast.
Deploying a typical DLP tool is no quick win. It takes time, people, and budget, and in a world where your environment changes daily, gaps appear fast. By the time the data is classified and policies deployed and fine-tuned, your defences may already be outdated.
Insider threats aren’t only about malicious acts by disgruntled staff. While malicious incidents still occur, a growing number of data leaks relate less to colleagues with an axe to grind and more to inadvertent oversharing with generative AI tools. In fact, 86% of IT leaders fear that users are leaking data in this way.
It happens all too easily, and the road to a data loss dumpster fire is often paved with the good intentions of someone just trying to do a better job in the time they have available. They upload a file or copy and paste important details to try to create a more compelling customer email and before you know it, tools like ChatGPT quickly build up a library of sensitive data.
While generative AI and other user behaviors can fuel an already combustible situation, Mimecast’s Incydr is the rapid response extinguisher that dampens down insider threats before they spread out of control.
It monitors and analyses how users move data in and out of an organisation, learns about how data moves around the business, and helps detect risky or suspicious activity. Implemented in minutes, it tracks file and data movement to cloud applications, USBs, emails, personal accounts and AI platforms. Unusual data transfers are flagged, especially those from high-risk users with privileged access or who have resigned, for example. Risks are ranked in terms of severity to make it easy to prioritise in a busy IT environment.
In a real-world context, that might mean that if the HR manager, deemed high risk due to privileged access to sensitive personnel information, moves employee records to a new OneDrive account, an alert is sent to nominated recipients. It is even set up to close the loophole of individual staff who establish data rules knowing how to circumvent them, and no business wants to deal with the reputation fallout of a departing CIO or security lead taking sensitive data as they exit.
Because it tracks the way data is moved, one of the big wins here is that Incydr detects gaps and blind spots that existing solutions are missing, making it much easier to get more from current security measures, without the usual legwork involved. It integrates with leading endpoint, identity, and data protection solutions to extend its capabilities and decrease response time.
Take the free Mimecast Incydr assessment now! It only takes five minutes and get a personalised report highlighting gaps and suspicious file activity tailored specifically to your environment.
With more than 60 Mimecast certifications and nearly 40 years’ experience protecting Australian organisations, Data#3 doesn’t just deliver tools, we deliver outcomes. We understand your complete environment, beyond just security technology, giving you the insight and support needed to strengthen defences and reduce risk. Talk to our team of Data#3 Security Specialists today on how you can leverage Mimecast solutions to protect your business.
