DATA LOSS RISK
MISDIRECTED EMAIL.
COMMON, COSTLY - BUT EASY
GVP & GM, Tessian Group, Proofpoint
Sensitive data loss has long been an issue for organizations of all sizes, leaving them exposed to compliance and reputation risks. From phishing and ransomware to advanced threats, there is a long and growing list of ways that sensitive information can find itself outside your defenses.
That said, it never really “finds itself” there. It ends up there incidentally, or intentionally. Usually by employees. So much so that around two-thirds of CISOs report losing data because of an insider.
Once again, there are many ways this can happen. Even today’s most security-oblivious users likely understand that weak passwords and errant clicks or downloads pose a risk.
However, another prevalent factor behind data loss does not garner the same level of focus.
It may surprise many to learn that misdirected emails – legitimate messages sent to incorrect recipients – are the number one GDPR-related cyber incident reported to the UK’s Information Commissioner’s Office (ICO).
Not only is misdirected email highly prevalent, but it is also traditionally difficult to stop. Errors of this nature are not usually flagged by standard rule based data loss prevention (DLP) tools, leaving users solely responsible for ensuring that their emails are always sent to the intended recipients.
Unfortunately, this human line of defense is not fully equipped for the task.
Traditional rule-based DLP tools do what they do very well. Such solutions remain a critical part of any effective cyber defense when it comes to protecting sensitive data. However, these tools have a major shortcoming in that they only check messaging against pre-defined risks.
Traditional DLP can identify if recipients are on deny lists, whether there are any social security numbers and patient identifiers (RegEx patterns) in the message content and if there are any classification tags on attached documents – for example if an admin has tagged a particular document as ‘sensitive’. Assuming your email passes these checks, it is deemed safe to send.
A misdirected email to a legitimate (albeit incorrect) recipient would not raise any red flags. A rules-based system would flag this type of email as good to go. But based on Verizon’s DBIR data that shows email misdelivery as prevalent across all industries, we know, it’s not.
An adaptive, AI-powered DLP solution goes much further. It is not just looking for common predefined risks. Rather, it analyzes all aspects of an email for anything that looks anomalous.
So, on top of checking for common red flags, it will detect abnormal grouping of recipients and spot and flag sensitive words, phrases or content that are not ordinarily shared with the intended recipients, whether in the body of the message or any attachments. It will then determine whether an email is safe to send.
Should it detect a potential mistake or sensitive data loss incident, Proofpoint Adaptive Email DLP will intervene to question the accuracy of the recipient, offer a brief explanation of the potential issue and ask whether the sender wishes to proceed or cancel.
Put simply, traditional DLP cannot stop incidents like these as they can’t be pre-defined. Adaptive Email DLP averts potential disasters in real-time with simple, on-screen prompts for users to correct mistakes and make good security decisions.
With a complete timeline of each incident – what was being sent, who it was being sent to, and why it was stopped – security teams get actionable insight into common mistakes as well as intentional attempts to misdirect company data to personal or unauthorized accounts.
The power of Adaptive Email DLP is not only in how effectively it can stop data loss. It is also designed to fit in effortlessly with the way we already work. There are no additional steps to remember or changes to existing processes for end users.
People compose and send messages in the same way they always do. Adaptive Email DLP works in the background to determine whether emails are safe to send – and only intervenes if there’s a potential problem.
This means end users only interact with the solution every few weeks rather than a few times a day, significantly reducing the risk of warning fatigue which can lead to a continued stream of data loss incidents.
Adoption is fast, too. There are no rules to implement and refine over time to balance security and user convenience - it’s 100% automated. In most cases, Adaptive Email DLP is deployed in minutes, learns from historical messaging within hours and is ready to protect your people and your data within days. But you don’t just have to take our word or it – our customers agree.
Our solution recently prevented a merger and acquisition-related email from being sent to a journalist:
We saw ROI in just one misdirected email prevented by Adaptive Email DLP."
Adaptive Email DLP intervenes in the case of malicious insiders, too. Our solution helped a Global Financial Institution spot and block attempts by a departing CFO to send board meeting minutes and sensitive documents to a personal account.
THE PLATFORM IS RESONATING, CHANGING BEHAVIOUR AND DECREASING OUR LEVEL OF RISK.”
Adaptive Email DLP can help your organization remove data loss from the equation by prompting users to correct the mistakes that lead to misdirected emails and automatically blocking attempts to send sensitive information to unauthorized recipients.
Harness behavioral AI to prevent both accidental and intentional data loss over email. Detect anomalous behavior in real-time. Warn users before they make a costly mistake. Avert data breaches that conventional DLP approaches miss with Proofpoint Adaptive Email DLP.
Find out more
Designed to power up the security community, these events focus on the latest cyber threats, security insights, and industry trends.
Watch our webinar
