A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Wasn't DLP supposed to fix this? - Amit Riswadkar (FeMaven) Cyphercon 2.0 (Hacking Illustrated Series InfoSec Tutorial Videos)

Wasn't DLP supposed to fix this?
Amit Riswadkar (FeMaven)
FeMaven
Cyphercon 2.0

Data exfiltration and insider threats are constant worry at most organizations, which has lead to companies implementing DLP but about half of employees have admitted to taking data from a former employer according to a recent survey. So why does this still happen? The problems with DLP have multiple causes from poor stakeholder engagement (not knowing what data to protect), being put in to fulfill regulatory requirements (for just the checkbox to pass an audit), generates wayyyyyy too many alerts, or not being put in as part of a larger strategy. During my talk, I?ll describe about how to tie all these issues together so you can get your arms them so you can start fixing it. And no, it?s not (just) using UBA.

FeMaven is a senior security engineer at Booz Allen Hamilton?s Commercial practice where he focuses on Data Protection and Governance in various highlyt regulated industries. He?s been in IT for about 10 years and in security for most of that time. He enjoys craft beer, whisky, world travel, computering, running, rock climbing, and cycling.

Back to Cyphercon 2.0 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast