Data Leakage

It seems that everywhere we turn, public and private organizations are “leaking” everything from secret government and corporate documents to consumer private data. Recent news headlines describe spectacular losses of both secret government cables, sensitive corporate information, and consumer and citizen data in the retail, banking, education, government, pharmaceutical, and other key industry sectors. These losses have cost organizations hundreds of millions of dollars, significant embarrassment, and permanent reputational damage, not to mention the inconvenience and costs to your customers. Beyond what is known to the public, it also is likely that losses of sensitive and classified data never are disclosed in the press, but happen on an equally frequent basis.

Data leakage protection (DLP) and content management (CMF) vendors have been around for a while, but there are limitations to what they can do for you. According to Forrester, 85% of organizations using content filtering technologies do not implement the filtering component of the technology because of concerns with issues such as false positives, and fears that legitimate business traffic will be interrupted by overly complex or simplistic filters. Content review technologies embedded in these products have been hampered by the severely limited number of protocols parsed by these systems and by the flawed assumption that adversaries, whether internal or external, will use standard business communication methodologies such as Web, email and chat as the primary vehicle for leaking data out of your network. Bypassing these controls is very simple, even for user with modest technical skills.

Network Security Monitoring Must EVOLVE and be AGILE to Combat Data Leakage
If you are concerned about protecting your organizational data and preventing data leakage, the only way you can be confident that data is not leaving your network is by knowing everything that happens across the network, i.e., capturing all network traffic and reconstructing the network sessions to the application layer for automated alerting and monitoring in NetWitness Informer, and visual inspection of content traversing the network in NetWitness Spectrum and Visualize. NetWitness provides pervasive visbility into content and behavior designed to ensure that your sensitive and classified information, your customer’s personally identifiable information (PII), your intellectual property, and your other valuable data are protected from accidental and intentional leakage.