Back to Blog

CPS Takeaways on Securing Collaboration from Insider Threats

by | Jan 8, 2020

Nucleus Cyber recently presented and exhibited with our partner LiveTiles at the Content Protection Summit in Los Angeles. The main theme of this year’s summit was ‘Insider Threats’ with the keynote delivered by Dr. Eric Haseltine, chairman of the board for the U.S. Technology Leadership Council, focusing on the human dimension of security. He made the compelling argument that no data system will ever be perfect as human behavior presents the biggest security risk. We couldn’t agree more with Dr. Haseltine’s advice. Together with Live Tiles, we delivered a session on “Securing Collaboration from Insider Threats” during the event. Here’s a great summary of the presentation that recently appeared in M&E Daily.

Key Takeaways on Securing Collaboration from Insider Threats

Safeguarding sensitive information from insiders can be just as important as securing that info from those outside an organization — especially when using collaboration tools such as Office 365 and Microsoft Teams, according to LiveTiles and artificial intelligence-driven security solution provider Nucleus Cyber.

Therefore, it’s important to take basic steps to provision and secure your collaboration tools.

“The insider threat is one that a lot of people are concerned of” today, Steve Marsh, VP of product at Nucleus Cyber, said Dec. 4, during the Software and Watermarking breakout presentation “How to Secure Collaboration from Insider Threats” at the Content Protection Summit.

“The collaboration world that we live in, powered by cloud collaboration tools” by Microsoft and other companies has “made it even tougher for us to get an idea of who is sharing what, where [our] sensitive information [is] and how… we make sure people are using it in the right way,” Marsh told attendees.

He pointed to the “employee handbook we all signed when we joined our companies that said, ‘this is how I will handle intellectual property’ but then forgot all about.” However, organizations can actually take those policies now and “physically enforce them,” he said.

There are three decidedly different types of insider threats, even if all of them can cause damage to an organization. First, “there is the malicious person who’s about to steal all your intellectual property and go off to a competitor,” Marsh pointed out. There are also the “negligent” employees who “bend the rules slightly” and don’t think anything bad will come of it, he said. And then there’s the accidental kind of insider threats – such as the folks who print out a file and then misplace it, he noted.

What’s more, it’s often hard to tell when an incident has been caused intentionally, through negligence or accidentally, he said.

Marsh pointed to data from the 2019 Insider Threat Report by Cybersecurity Insiders, with support from Nucleus Cyber, that revealed 60% of organizations had experienced an insider attack in the past 12 months, while 70% disclosed that insider attacks had become more frequent.

The report underscored the real threat posed by trusted insiders. Although security and IT team attention are mainly focused on hackers, attacks from within are a significant threat to the entertainment industry as the BBC discovered with the leaked “Doctor Who” scripts that Marsh made note of.

“It’s very difficult to discern the damage” from at least some incidents, but “apparently preventing the damage” from the “new Star Wars movie script” incident cost only “$85 on eBay to buy the script before it went out,” which was “incredibly lucky” for the Disney, he said.

Marsh shared a few steps that media and entertainment organizations can take to protect their content from insider threats.

For one thing, he said it is preferable for organizations to be “proactive” before incidents happen rather than just “reactive” after an incident happens.

While some organizations might look to cut off all guest users from accessing their information systems, an option in between that and allowing all guests access is much more realistic, he pointed out.

Meanwhile, some organizations may opt to try a security initiative that only allows certain devices to access their information, but he said it’s “starting at the wrong perimeter” to focus on a device or app. “What we need to be thinking about is the data itself,” he said.

He added: “No one works in an office these days all the time. Everyone is moving. The data and the users are moving, so we have to be able to do this across all devices.” Banning certain devices and apps also seems destined for failure because employees these days “don’t like to be forced to work in a way they’re not used to,” he said, adding people are often “tech-savvy” today and “we go and find a different way to do it.”

Meanwhile, “you can really start to get very granular” in what you can control via enforcement rules today, he noted. For example, you can only allow certain employees to access certain files, he told attendees. Organizations can also look to lock down files if users are in an airport or hotel rather than their homes or offices, he pointed out.

Unique steps can also be taken with watermarks now, such as placing dynamic watermarks within files, he also said. While his company’s solution supports storage platforms including Office 365 and Dropbox across multiple devices now, he said “Box is coming.”

Join us for a Webinar on Insider Threat Prevention January 22

If you didn’t attend the CPS Summit, don’t worry. We’re joining up with Live Tiles on January 22nd at 3pm EST for a live webinar to discuss “How to Secure Collaboration from Insider Threats.”

Register today!

Share This