Linguistic analysis of threats and information leakage in financial organizationsAugust 29, 2016 No Comments
Featured article by Yana Yelina, website design and development expert at EffectiveSoft
Nowadays, information loss and data leakage in any sphere is one of the most complicated problems to face. Public health corporations are having negative experience in losing electronic record files with personal and protected health information, including Social Security numbers and medical histories. Online shops, in turn, due to authentication bugs are facing a dangerous situation when all customer’s accounts are at risk of a data breach. Another example in this regard is stealing customer records by banks employees before joining the rival.
No matter how you slice it, the majority of these breaches accrues to financial and trading spheres that swarm with threats, let it be internal or external ones. As a result, security issues are becoming as important as daily operating procedures, and financial software development experts that can guarantee info protection are really in demand.
In the modern world, we can see the development of the mobile and computing technology. And of course everyone relishes this rise – businessmen, researchers, medicine workers, scientists, and, unfortunately, foes.
Over the last few years, different companies faced such unpleasant situations, like the loss of a vast number of laptops, backup tapes and mobile devices, USB, which led to extensive damage. And it’s not always clear whether it was an external or internal leakage…
Everyone is more worried about external threats, thinking of hackers, malware authors, organized crimes, activists, and nation-state groups. And it is not by chance: according to the 2015 Intel Grand Theft Data, external actors were responsible for 57% (compared to 43% of insiders) of data breaches. External foes were likely to steal customers’ data than employee’s info, and were interested in payment card information. Furthermore, they stole mostly Microsoft Office documents, carried out a great number of image and video thefts.
As for electronic methods of stealing data, external hackers used mostly web and file transfer protocols and e-mails. Among less popular methods are SSH/VPN and Voice-over-IP.
Many businessmen ignore insider threats, just can’t believe that the betrayer could have been a Mary from the sales department or a marketing manager Peter. But, in reality, a particular attention should be also paid to exactly this type of threats in the financial sector. A hacker may turn to be your current or former employee who tracks personal information and e-mail it to your competitors or just send it out involuntarily. Besides, it may be your contractor or a third-party supplier that would rather have used physical media instead of electronic methods.
What hostile activities can commercial organizations face? Among others, it may be an unwanted disclosure of customers’ confidential and account data, trade secrets, frauds, stealing personal health information, intellectual property or a monetary loss, disruption to critical infrastructure, destruction of cyber assets, embarrassment, and some more. Such a flow may cost a corporation millions of dollars (directly and indirectly) and inflict irreversible damage to its reputation.
The 2015 Cyberthreat Defense Report reveals some astonishing facts about insider threats:
1) 72% of security incidents in the financial sector entailed current or former employees;
2) Most crimes by trusted parties (insider and privileged users) are made for financial or personal benefits;
3) 30% of insiders steal data with a desire to found their own rival company, 65% try to help the existing competing companies;
4) Trusted third parties were involved in 41% of the incidents in financial services organizations;
5) 57% of interviewees consider employees the most potential initiators of attacks;
6) Only 23% of respondents are confident they made right investments to track privileged users’ activities.
What is more, still many IT professionals consider these insider threats to be not a technology issue, more a cultural one and even do not mull over the possibility of using a technology to secure a victory over these maligners.
Cost of information leakage
The outcome of information thefts is really horrible: apart of the damaged reputation, company will also lose considerable sums of funds. In order to show that it is not a mere assertion, let us provide some figures from the 2015 Cyberthreat Defense Report:
1) The average cost of a data breach grew 15% in 2015, reaching $3.5 million;
2) 54% of respondents admit that outside electronic crimes were more costly and damaging;
3) Financial organizations experienced a 24% raise in financial losses from information leakage;
4) Security incidents led to more than 8 hours of downtime for 31% of affected organizations;
5) Companies in the USA paid the most at $246 per defective record.
How to address the problem
It’s not an easy task to address the security challenge, whether we deal with internal or external threats. First, it’s difficult to track potential threats (every employee and every device that stores company’s information), to detect their malign activities in time and prevail.
All in all, to combat the security problem you’ll have to spend a fortune. Is there a solution to raise the issue to a new level and protect company’s and customers’ personal info in a cost-efficient way?
In this case, we will need special tools, so-called data leakage prevention or content monitoring and filtering tools that are to anticipate and block the leakage of sensitive enterprise information.
Let’s cover the information threats in details to understand which tools to use in one or another situation.
1) Insider information leakage. Here we are to track data breaches both internally and externally. To avoid security problems it’s of paramount importance to have a strict control over ingoing and outgoing traffic and have a closer view on the media space and the Internet to track the information, similar or equivalent to your closed corporate data.
A kind of a practical solution in this context should become a unique intellectual tracking system / an information app, based on semantic tools. The thing is that such tools will give an exciting possibility to analyze the data at a sense level. Being highly sensitive to duplicates and plagiarism, the intellectual tracking system that can boast its own triggers will notify the information owner/author if his/her insider information happens to be disclosed by one or another source or if there’s a slight possibility of information leakage.
I’m referring not only to blatant plagiarism, but also to the case when your private information is rewritten or retold in other words.
2) Undesirable contacts.Coming back to a variety of internal threats mentioned before, company’s employees often become a reason for information leakage, let it be intentionally or not. To cite an example from the 2015 Intel Grand Theft Data one more time, the correlation between intentional and accidental attacks is 22% to 21%.
To manage all the possible threats in this particular case, we need an analytic system that deals with undesirable contacts, visits, and events during which your employee turns to discuss something with competing companies’ representatives.
The task seems somewhat complex and sophisticated, but possible to fulfil successfully thanks to monitoring social networks, media space and open information sources, for examples, companies’ news outlets, personal and corporate blogs.
“How are we to carry out this search and to define the stolen parts?” you may ask. The process of tracking undesirable contacts can be based on Named entities recognition and relations extraction. Such linguistic tools allow to analyze the information streams and track mentions of the needed persons, companies, locations, positions, dates, etc. Additionally, here we are granted an opportunity to clarify relations between the objects we had found out. Such a procedure allows to chase the exact moment of potential threat appearance, for instance:
- Employee’s visit to your rival company;
- Location of two employees from competing corporations at the same time and in one place;
- Exposure of the closed information about collaboration with your opponents (via tracking previous job positions).
3) Monitoring of employees’ sentiments and opinions.As a rule, employers are eager to know their employees’ attitude towards the top management, products/services, and towards the company, in general. In some way, here can be implemented a system that allows analyzing people’s opinions. I’m talking not about boring opinion polls and surveys. Modern technologies are on top, so, it’s possible to start tracking employees’ opinions via a linguistic sentiment analyzer.This tool can gather the needed information (positive/negative/neutral comments) and give a detailed and exact picture on the staff’s sentiments as a whole. Moreover, employers will have a chance to get a highlight of single individuals’ judgements. Thus, such a linguistic sentiment analyzer seems also able to detect possible insider threats for an organization.
As we can see, information leakage in the financial sphere is one of the most widespread problems. And insider threats are making organizations worry more and more, obliging to seek for IT solutions to track possible problems. Alas, there are no obvious and ready-made universal programs to respond this challenge, but the abovementioned linguistic tools may become an optimal solution in this regard.
Bearing in mind the peculiarities and needs, companies’ owners will likely ask for IT help in order to get a custom program that would satisfy all the company’s requirements for detecting possible threats.
About the author:
Yana Yelina is a website design and development expert at EffectiveSoft, a custom software development company with 250+ specialists who boast expertise in different business domains. You can reach the author at: email@example.com
DATA and ANALYTICS , SECURITY