background preloader


Facebook Twitter


Dasera protects businesses from insider threats. Our query analysis engine automatically finds, flags, and rewrites unsafe queries in data warehouses

The ultimate guide to building an insider threat program - Dasera. In today’s digitized world, organizations capture & store an enormous amount of consumer data.

The ultimate guide to building an insider threat program - Dasera

This data is leveraged for valuable insights to drive business growth. While data has powered some of the most rewarding business innovations over the last decade, there’s a real challenge with protecting consumer data and privacy. Data breaches happen all the time - this year alone we will have almost 5,000 reported internal data breaches (as estimated by the Ponemon Institute). A data breach cost organizations millions of dollars in fines, remediations, and lost revenue. As per the 2020 Cost of Insider Threats Global Report by the Ponemon Institute, the average cost of an internal data breach is $11.5 million. Outside of these costs, companies suffer from a great loss of trust, each time they suffer from a data breach. So why do these internal breaches happen? Businesses are highly focused on protection against external cyber threats. What is an Insider Threat? Malintent Break Ins. Queries: the Ground Truth for Internal Data Security. (This is a blog series on SQL Queries by the Dasera Engineering team.

Queries: the Ground Truth for Internal Data Security

In this first edition, Dasera co-founder and CTO Noah Johnson discusses an often overlooked internal risk: queries executed by insiders) Companies are collecting petabytes of consumer data. This data is extremely valuable: it generates insights, informs business decisions, improves efficiency, and creates competitive advantage. Extracting value from the data requires giving access to data analysts, so it’s no surprise that companies are expanding internal data access. Historically, access was given only to a small number of trusted employees. As more employees have access to sensitive data, the risk of internal breaches increases. How can companies provide flexible data access to employees while protecting against data breaches? Limitations of Existing Solutions Most security efforts today are externally focused, designed to keep malicious outsiders out.

Why you (and everyone you know) have a blind spot for insider threats. At RSA 2020 (ah, the good old pre-pandemic days when we still had trade shows), I met with a PR firm with a substantial cybersecurity practice.

Why you (and everyone you know) have a blind spot for insider threats

I asked them, “Hey, is it just me, or do insider breaches not get as much media coverage as outsider breaches?” Their response: Outsider breaches are a lot more sensational and get a lot more media attention. It’s sexy to write about a group of hacktivists who penetrated someone’s perimeter with a complex, 12-step hack. It’s not so sexy to write about an employee with an axe to grind.” But it’s not just the media and reporters that care more about external threats (and as a result, less about insider threats). In McKinsey & Company's 2018 article, Insider threat: The human element of cyberrisk, the authors write: Insider threat via a company’s own employees (and contractors and vendors) is one of the largest unsolved issues in cybersecurity.

Why does this happen? There are 4 possible explanations. 1. Malicious employees are only part of the picture. Dasera: Automatically ensures safe querying of sensitive data. Dasera Presents on Insider Threats at RSA Conference 2020 LaunchPad. Hello world, We’re so excited to launch our blog with this exciting news: we were chosen as a TOP THREE Launch Pad startup at RSA Conference 2020!

Dasera Presents on Insider Threats at RSA Conference 2020 LaunchPad

Read the announcement from RSA here. How was RSAC 2020? Apart from using lots of Purell and doling out elbow handshakes and air hugs, the entire Dasera team was on the ground, meeting prospects, partners, investors, and other vendors. We learned a lot about the security industry by attending many interesting talks on and off the show floor. But the highlight of the whole show was our co founder and CTO Dr. Highlights of Noah’s talk: Business’ need to analyze customer data and their moral responsibility to protect consumers from data loss/hacks - these things are fundamentally in conflict today. What’s next? Dasera’s mission is to help companies build trust with consumers by ensuring safe internal use of sensitive data. We’re going to be busy onboarding new customers on our Discovery product - you can launch it in 15 minutes and start identifying: