Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


10:30 AM
Dr. Steve Marsh
Dr. Steve Marsh
Connect Directly
E-Mail vvv

9 Ways Data Vampires Are Bleeding Your Sensitive Information

Pull a Van Helsing on those sucking the lifeblood from your data and intellectual property.

Vampires do exist — in the workplace, that is. They bleed your company of customer data, confidential information, and intellectual property (IP) — the lifeblood of any organization. These shadowy figures exist in every enterprise and take the form of malicious insiders looking to benefit from the theft of company information, as well as negligent insiders who inadvertently put data, IP, and the entire enterprise at risk.

While this sounds like a good old-fashioned horror movie, data vampires pose a serious threat. Data proves that IP theft has affected even the biggest and most sophisticated companies, as well as the government and private sector. No one is safe: Every industry has a horrific example to share of falling victim to nation-state espionage.

It's important to note that the impact from mistakes is just as dangerous, with human error accounting for 90% of data breaches in the cloud, according to some reports. Collaboration tools designed to empower data sharing also have the unintended consequence of making data theft and accidental loss (or sharing) widespread.

Here are nine of the most common data loss scenarios keeping organizations up at night:

Vampires on the Hunt

  • A once dedicated employee has accepted a job offer with a competitor that pays better and has a shorter commute. Before flying off into the moonlight, he plans to download copies of all client contacts, internal communications on planned product improvements, and anything else that will help him succeed at the new company.
  • One of your employees with access to customer personally identifiable information and payment data conjures a scheme to use that information for personal profit and downloads/copies it to carry out the crime.
  • Your senior developer steals research and code on your latest innovation and then leaves to start her own company and launch your product before you do.
  • An employee is bribed by a third party, maybe a competitor or even a nation-state, to download and steal your IP. The "other" plans to market it as their own technology, and perhaps in another country that has less stringent copyright and trade protection laws.

Inadvertent Bloodsuckers

  • An employee accidentally shared a sensitive file with the wrong individual or group, inadvertently sharing all company salaries with the entire staff instead of just the executive team.
  • "Oops! That wasn't meant for you." — that's the co-worker who mistakenly shares the wrong file either by Dropbox or email attachment.
  • The individual who shares a sensitive file with a setting that is too open, mistakenly allowing recipients to then share it with others (e.g., the "anyone with the link can view" setting).
  • "I'm not supposed to send you this but…" Someone who has shared sensitive data with another who should not have access to it (but, well, you know how that goes).
  • Allowing end users, instead of IT, to create file shares, resulting in wrongly configured sharing settings (e.g., files are accidentally open to the public Internet or open internal access).

Put a Stake in Data Vampires with Four Critical Steps
If you think these culprits are works of fiction, think again: Many are ripped right from recent headlines. However, you can stop data vampires and protect business-critical information without hampering collaboration, or losing too much sleep, by channeling your inner Van Helsing to act:

  1. Clean-out the skeletons in your closets. Research shows that 60% of companies admit more than half of their organizations' data is dark (they don't know where their sensitive data lives). To start, scan all of your content collaboration systems to identify sensitive information, then classify and secure it before it comes back to haunt you. 
  2. Swap your wooden stake for a data-centric approach. Traditional security tools weren't built to protect today's diverse collaboration channels and all the data that comes with them. Instead look for data-centric solutions that use both file content and user context to augment security depending on parameters such as the document sensitivity, role, time of day, location, and device to determine if content can be accessed by the user and what can be done with it. 
  3. Ward off mistakes with automation. The best way to protect against unknowing offenders and accidental breaches is to stop bogging users down with complex rules for data sharing and security that are easy to forget or circumvent using shadow IT. Take advantage of technology that can apply restrictions, such as preventing the emailing, sharing or downloading of sensitive content based on document sensitivity, to prevent unwanted actions and consequences. 
  4. Sharpen your tracking skills. Track the life cycle of sensitive data so you can see who has accessed it and how it has been used or shared to provide a full audit trail. Be sure to have a process in place to notify managers and stakeholders of potential violations. 

This Halloween and year-round, remember that technology is your friend when hunting down data vampires — no matter what form they take, malicious or negligent.

Related Content:

Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "Cybersecurity's 'Moral Imperative.'"

Steve Marsh is a Vice President at Nucleus Cyber and brings more than 20 years of product experience from Microsoft, Metalogix, startups, and academia. He drives product management/marketing to deliver first-class customer experiences and strategic product road maps. Steve ... View Full Bio
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 4/7/2020
The Coronavirus & Cybersecurity: 3 Areas of Exploitation
Robert R. Ackerman Jr., Founder & Managing Director, Allegis Capital,  4/7/2020
'Unkillable' Android Malware App Continues to Infect Devices Worldwide
Jai Vijayan, Contributing Writer,  4/8/2020
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2020-04-09
Due to a new NDP proxy feature for EVPN leaf nodes introduced in Junos OS 17.4, crafted NDPv6 packets could transit a Junos device configured as a Broadband Network Gateway (BNG) and reach the EVPN leaf node, causing a stale MAC address entry. This could cause legitimate traffic to be discarded, le...
PUBLISHED: 2020-04-09
KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc__tm, leading to a stack corruption. Because of this, an attacker with the ability run code in kernel space of a guest VM can cause the host kernel to...
PUBLISHED: 2020-04-09
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
PUBLISHED: 2020-04-09
An issue was discovered in Avira Free-Antivirus before 15.0.2004.1825. The Self-Protection feature does not prohibit a write operation from an external process. Thus, code injection can be used to turn off this feature. After that, one can construct an event that will modify a file at a specific loc...
PUBLISHED: 2020-04-09
X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X.509 authentication, and those who do not use the Operator to generate their X.509 certificates are u...