By Evelyn de Souza, Data Privacy and Security Leader, Cisco Systems and Strategy Advisor, Cloud Security Alliance
Everything we know about defeating the insider threat seems to not be solving the problem. In fact, evidence from the Deep, Dark and Open Web points to a greatly worsening problem. Today’s employees work with a number of applications and with a series of clicks information can be both maliciously and accidentally leaked.
The Cloud Security Alliance has been keen to uncover the extent of the insider threat problem with its overall mission of providing security assurance within Cloud Computing, and providing education to help secure cloud computing.
As a follow up to the Top Threats in Cloud Computing and over recent months we surveyed close to 100 professionals on the extent of the following:
- Employees leaking critical information and tradecraft on illicit sites
- Data types and formats being exfiltrated along with exfiltration mechanisms
- Why so many data threats go undetected
- What happens to the data after it has been exfiltrated
- Tools to disrupt and prevent the data exfiltration cycle
- Possibilities to expunge traces of data once exfiltrated
We asked some difficult questions that have surprised our audience and that many were hard pressed to answer. We wanted to get a clear picture of the extent of knowledge and where the gaps lay. We hear lots of talk about the threats to the cloud and challenges that organizations facing it take. And, in the wake of emerging data privacy regulation, we see much discussion about ensuring levels of compliance. However, the results of this survey show there is a gap with dealing with both present and future requirements for data erasure in the cloud. And, that despite the fact that accidental insider threats or misuse of data is a common phenomenon, there is a distinct lack of procedure for dealing with instances across cloud computing.