itSMF Bulletin June 2023 | Page 7

been extracted from a network, the damage is already done, so mitigation and incident response plans can only have a limited impact. You therefore need an anti-data exfiltration, or ADX, solution that stops your business from falling victim in the first place.

How can data exfiltration be prevented?

A key part of any ADX strategy is to monitor all traffic that is leaving the business’ network. Many traditional cybersecurity solutions focus their efforts on protecting the network perimeter against incoming threats.

 

While this remains an important layer in your cybersecurity defence strategy, relying solely on perimeter defence tactics will leave you vulnerable should something slip through the net – which, given the prevalence of risks such as zero-day threats, is likely to happen to every business sooner or later.

 

Therefore, you need to go beyond standard cybersecurity techniques, including data loss prevention (DLP) tools, and look for solutions designed specifically to stop attackers from exfiltrating unauthorized data. This helps you take control of how information flows through your network and ensure that when it is transferred beyond your borders, it is fully authorized and secured.

How can you protect from data loss by negligent, compromised, and malicious users?

People who are careless with their credentials –

either through weak protections or sharing of details – are among the main causes of data exfiltration. In fact, the Ponemon Institute claims this is the most common root cause of attacks, accounting for 20 percent of all breaches in 2021.

 

Putting controls in place to prevent reckless behavior such as password sharing or accessing data via unsecured devices and network connections is a must. However, to be effective, you need to go further to also counter any malicious actor within your business who may be looking to steal data.

 

To do this, strong ADX solutions must include effective monitoring tools that can keep a close watch on data leaving the network. Using behavioural profiling techniques, suspicious activities – such as users attempting to access resources they do not have permission for or transferring files in a usual way – will be blocked, ensuring that unauthorized data doesn’t leave the network.

The importance of endpoint protection for data exfiltration prevention

Focusing on your endpoint security is another essential part of preventing a data exfiltration attack, and this is something that’s particularly important in the new era of remote and hybrid working, where more business activities take place on personally owned and mobile devices that can often be overlooked by a traditional DLP solution.