M&E Day: Protecting Content From Insider Threats is Crucial, Cyberhaven Exec Says


Insider threats continue to present a significant challenge for companies and, amid the ongoing COVID-19 pandemic, it is more important than ever for media and entertainment organizations to protect their content, according to Dr. Cristian Zamfir, co-founder and chief information security officer at Cyberhaven.

“What strikes me is that a large percentage of this industry has actually mentioned… in a recent study that collaboration is a critical component of the entire process and workflow for creating new and innovative ideas and content and media,” he said July 2 during the security breakout session “Protecting the Creative Process from Insider Threats at the Global Media & Entertainment Day event presented live, virtually, from London.

Creative ideas are the hardest to protect, according to Cyberhaven. “Basically, it’s an entire collaborative process, so we need a solution that will secure this entire process, from project kickoff up to the delivery point and this is often not easy because as you are collaborating on new ideas, some of these entire processes don’t necessarily fall into a pattern,” Zamfir noted.

“The collaboration brings a little bit more chaos with respect to keeping the data secure, and also makes it a little bit more difficult to keep it safe from insider threats – either malicious or accidental,” he told viewers.

There are several reasons why it’s important to focus on insider threats, starting with the fact that “insider threats are on the rise,” he pointed out, noting there has been a 47% increase in two years. And these insider threats come at a huge cost, he said, pointing to a recent study showing the average cost per incident was $1.6 million.

One reason for that rise is there are just so many Software-as-a-Service (SaaS) applications being used now, he said, noting there are about 288 SaaS apps for a 1,000-plus user company. Another reason for  the increase is that there is a lot of sharing today, he added, noting the situation has only been “compounded by COVID-19” because so many people have been working remotely.

Meanwhile, 70 percent of companies are suffering from “rogue” cloud apps and to make matters worse, there is data in many formats today, and data lives everywhere now he said.

Zamfir, who previously held research positions at UC Berkeley and Microsoft and earned a Ph.D. in computer science from EPFL (Swiss Federal Institute of Technology), noted how Cyberhaven’s data tracing technology helped Motorola gain visibility across its business to quickly identify data leakage after it was losing market share to copycats because its pre-launch hardware designs kept getting leaked.

Cyberhaven’s Data Behavior Analytics can do three main things, he explained: “Protect your high-value data” by instantly detecting and stopping insider threats to proactively prevent data breaches; accelerate incident investigations by revealing user intent to differentiate between careless and malicious behavior to guide response; and identify and educate risky employees who are putting high-value data at risk and continuously educate them to follow security policies.

“With Data Behavior Analytics, you can record and present the history of any piece of data that travels through your organization,” he said, showing a chart demonstrating how its solution was able to tell one specific company’s security story.

Cyberhaven Data Behavior Analytics are “particularly focused on unstructured data and “we can tell where it came from, who accessed it and where it was uploaded,” he noted.

It provides risk detection for all high-value data within an organization, enabling it to monitor all high-value data everywhere, discover all risky locations and users, and respond to threats automatically in real-time, he said.

Cyberhaven Data Behavior Analytics can do all this “despite data sprawl and shadow IT, so there is no need for very complex integrations,” he said.

It provides security that adapts to the way people work and is particularly suitable for the creative industry because: No classification is required; “our alerts are 100 percent accurate” and there are no false positives; it provides instant value with easy setup; it allows spontaneity; and it adapts to your creative process, he said.

The company offers a free data risk assessment and report, he went on to tell viewers, noting that after it’s done, an organization can then decide what it wants to do next.

Organizations can immediately improve their security posture with a Cyberhaven Data Risk Consultation and, in the process, increase the productivity of their security staff; find insider threats and speed current investigation; and improve utilization of existing security tools, he said. And 100 percent of its consultations find some form of undetected insider threat, he told viewers.

To view the presentation, click here. To view the presentation slide deck, click here.

The fourth annual M&E Day event, presented by the Media & Entertainment Services Alliance (MESA), featured mainstage panels and more than 15 breakout sessions, covering the latest it data, cloud, IT and security across the media and entertainment technology ecosystem.

The event was presented by Caringo, with sponsorship by Convergent Risks, Cyberhaven, Richey May Technology Solutions, RSG Media, Signiant, Whip Media Group, Zendesk, Tape Ark, Sony New Media Solutions, 5th Kind, ATMECS, Eluvio, Tamr, the Audio Business Continuity Alliance (ABCA), the Entertainment Identifier Registry (EIDR) and The Trusted Partner Network (TPN).