Money in bank, CybelAngel sets about adding capabilities for data leak detection, remediation services

Todd Carroll, vice president of cyber operations, notes that there are products that notify users that there are data leaks — where CybelAngel goes further is in its ability to search and recover the content, giving customers the ability to know exactly how serious an issue they face told EdgeIR at the RSA 2020 Conference.

The company’s service is continually scanning both public and dark web resources for client data. Carroll notes that the service typically finds at least one data breach a month for clients. And while not every data leak is as serious as the Equifax breach or Ashley Madison leak (which CybelAngel uncovered first in 2015), there are many examples of breaches that could have had a financial impact.

Carroll shares the story of a company investing hundreds of millions of dollars in a new engine design. CybelAngel’s service discovered that the designs were exposed by a vendor of precision screws that was using the diagrams to create a part for the company.

Citing a 2018 report from the Ponemon Institute, CybelAngel says a third-party or a vendor were responsible for some 60 percent of data breaches that year. The company claims it can detect more than one billion documents on a daily basis and leverages artificial intelligence to analyze the type of information it detects.

CybelAngel’s technology can be tailored to individual needs and specific perimeters: connected storage, cloud applications, open databases, Domain Name Servers, public web, and deep and dark web.

In the connected storage perimeter, the technology identifies and secures classified documents that may have been mistakenly made visible on corporate and third-parties’ connected storage. In cloud applications, it detects and prevents data leaks through collaborative tools, repositories and cloud applications. In the open databases perimeter, the platform protects misconfigured databases from being compromised, it blocks phishing, counterfeiting and domain squatting attacks at the Domain Name Servers perimeter, it secures exposed credentials at public web layer and it detects and protects against threats and fraud attempts at the deep and dark web layer.

Addressing the ever-expanding list of threats

More services from cloud providers, more IoT devices and easy availability to a broader range of users have decreased security and made it easy for inadvertent breaches to occur.

“All of these things make it difficult for companies to secure data,” Carroll notes.

Given this difficulty, quickly finding data becomes another essential tool for security professionals. That difficulty is only going to increase as enterprises adopt IoT technologies as they digitize their businesses.

Carroll acknowledged these coming challenges and suggested that his company is looking to go beyond the IoT port scanning that they can already do and offer more in-depth device analysis as they look to prevent attacks on critical infrastructure such as power plants, air traffic control systems, and manufacturing systems.

Jim Davis contributed to this article.

Article Topics

CybelAngel  |  data leakage  |  data loss  |  IIoT  |  risk  |  security