Third Parties and Employee Data Leak Danger
Cybersecurity’s Elephant in the Room
The cybersecurity industry historically focuses on perimeter defense, including:
- Developing expertise in criminal activity on the Dark web
- Recruiting ex-government personnel trained to protect security networks
- Building up protection against malware
The traditional mindset is that, to keep the internet a safe place, the best way to spend your time is hunting down the bad guy. While this approach has served us well for the past few decades, things have changed. The way we do business is increasingly digital, increasingly global and increasingly connected.
Threat Posed by Sharing Info
To succeed, businesses need to share information widely and rapidly. However, this constant flow of information introduces numerous opportunities for our precious data to escape. It’s not just the hacker lurking on the Dark web that poses a risk to our information security; it is also our suppliers, contractors, or employees.
In advance of the onset of GDPR, PayPal opened up about the numerous third parties with whom it shares its users’ data. This includes up to 600 different firms. For us, the PayPal communiqué was more than a refreshingly honest contribution to the GDPR discussion; it underlined the extent to which the concept of “securing our data” (or even “securing our infrastructure”) is out of step with the way we do business today.
No matter how secure our internal networks might be, it doesn’t take much creativity to imagine a supplier saving our sensitive documents on an unsecured company server, a consultant working from home unwittingly backing up files onto a personal NAS drive, or an employee accidentally posting credentials on a code-sharing website.
The threat of negligence is nothing new. Information security professionals have long been aware that their role is more complex than acting as a sort of digital security guard, preventing thieves from entering the premises.
Start From the Beginning
We need to start thinking beyond where a cyber attack ends, and more about where it begins. Cyber criminals plan their attacks by exploiting data exposures, and 94% of the leaks that we find for our customers can be traced back to third parties.
So, why has the cybersecurity industry not adapted? Why are we spending so much time looking for broken windows when we’ve left the back door unlocked?
At CybelAngel, we certainly monitor the traditional settings of cyber crime, like Dark web networks. But we are also searching code-sharing sites where employees are accidentally posting source code. We are also searching the unprotected cloud storage where contractors are storing sensitive files.
We search these areas because we know that criminals are looking there. And it’s not only criminals, by the way, but also investigative reporters or corporate spies. If we can detect data exposures before they are exploited by someone else, then it will be a lot easier for our customers to avoid the associated damage.
The landscape of cybersecurity is changing, and we need to shift our approach to keep up. Of course, the traditional settings of cyber crime remain relevant, and it would be a mistake to ignore them. There are many broken windows and a large number of open back doors used by third-party exchanges. We must continue alerting our customers to these. Malevolent actors recognize these opportunities and are eager to exploit these weaknesses.
Information security professionals can no longer ignore the threat of third-party and employee data leaks. And the cybersecurity industry needs to rise to the challenge of providing these information security professionals with the tools they need to detect data leaks before they are used to weaponize attacks.