How to prevent data loss and reduce insider risk at scale 

Many organisations are worried about cyber-attacks, along with the potentially huge disruption and damage they can cause. However, significantly fewer organisations consider the risks of their own employees deliberately stealing or sending out data, or accidentally losing it.  

In the UK in February 2024 a former council employee had copied almost 80,000 email addresses to use to promote his own business. An investigation by Stratford-on-Avon District Council discovered that the culprit had copied the data from its garden and waste collection database, as well as contact details for Warwick District Council residents.  

The incident highlighted how easy it can be for one individual, acting alone, to copy personal data that their employer is responsible for securing. Who knows how many other employees have done this in the past or are conducting their own mass data grab right now? Fortunately, in this scenario, the data theft was identified, but it’s impossible to determine how many times this happens in the public, private and not-for-profit sectors throughout the UK and elsewhere.   

Today, as many people know, there are numerous ways to send information outside of a business. And it’s quite easy to do. 

Current and former employees and third-party contractors have been known to remove information by:  

• Sending information via email and instant messaging tools, either intentionally or unintentionally to the wrong recipient, or by transferring it to external devices or cloud storage platforms without authorisation

• Stealing laptops, mobile phones, hard drives, or other physical devices that contain sensitive data

• Purposely leaking data to harm the company or for personal gain

• Using insecure networks such as public Wi-Fi where it can be intercepted

• Disposing of data inadequately, or failing to destroy it properly so that it can be retrieved and leaked

• Copying and pasting sensitive information into large language models (LLMs) where it might be picked up by other users of the same artificial intelligence (AI) tools who are outside of the organisation.

Welcome to the world of Managed Data Security  

However, when there’s a problem that could cost tens of thousands of businesses and government departments a large amount of money – and harm their reputation – there’s usually a solution available.  

In this case it’s Quorum Cyber’s Managed Data Security (MDS) service, enabling data loss prevention (DLP) at scale, whatever technology your organisation’s IT estate runs. The service combines human ingenuity, know-how and experience with cutting-edge AI-empowered tools such as Microsoft Purview. MDS uses Microsoft technology and AI to highlight a series of specific events within a timeline to clearly show the events happening in the lead-up to data being sent to another location.    

Context is crucial, of course. Millions of people and IT systems transfer billions of pieces of information every second of every day. So how can we tell if one specific data move is legitimate, accidental or malicious? With Quorum Cyber’s MDS service, we can:  

• Enhance monitoring and governance
• Evaluate a sequence of events to determine whether an individual’s ‘actions’ are malicious. 
• Maintain the user’s privacy.

Importantly for the organisation, telemetry and content is protected with the MDS service. Nothing leaves the customer’s estate during investigations. Combined with Quorum Cyber’s Managed Extended Detection and Response (M-XDR) service, we can provide detailed analysis of data, cyber security and identity. 

“This frightening scenario of data loss at the council is exactly why we set up MDS,” says Graham Hosking, Quorum Cyber Solutions Director for Data Security & AI. “We monitor, manage, and secure data across multiple platforms and locations, and use AI to provide a timeline of evidence to prevent intentional and unintentional data loss from happening in the first place. Effectively, we can tell you the story of your data loss and advise on what you can do about it across your entire organisation.”  

Learn more about our Managed Data Security service and the results it can deliver for your business today.