CDSA

Cyberhaven: How to Protect Sensitive Data With Context and Perfect Recall

There are pros and cons to legacy data loss prevention (DLP) technologies that are used to protect sensitive data and intellectual property, and there are several reasons why Cyberhaven’s solution that uses Dynamic Data Tracing offers media and entertainment organizations a superior option,  according to Jared Thorkelson, director of business development for Cyberhaven.

“DLP has sparked a spirited debate,” he said during the Dec. 8 virtual Content Protection Summit.

After about 15 years, “you would think that the technology would be mature and effective, but you’d probably be wrong,” he noted during the DLP, Accessibility & Framework breakout session “Protecting Sensitive Data with Context and Perfect Recall.

“The technology today is much the same as it was a decade ago,” he said of DLP. “There’s been very little innovation that’s driving improvement in the products, and we really see Cyberhaven as changing the data protection landscape in much the same way [that] endpoint detection and response technologies have kind of taken over the anti-virus market,” he told viewers.

“We think Cyberhaven is going to do the same thing,” he said, noting: “It’s actually already starting to do the same thing for our customers in data protection today.”

The Memento Connection

Comparing DLP technologies to key concepts from the film Memento, he noted that the main character of the movie, Lenny, has a condition in which he can’t form new memories and experiences short-term memory loss every few minutes. Lenny’s condition prevents him from understanding where, why and the context surrounding his current situation, Thorkelson noted.

Lenny’s condition is “very similar to what traditional DLP technology – data loss prevention – have,” he said. This similar condition “puts companies at a disadvantage when they’re trying to protect their data” — if the solution “can’t remember things, it’s problematic,” he pointed out.

How DLP Works

Thorkelson explained how DLP works, noting it “sits at the point of egress” and inspects content leaving an organization, trying to tell if it’s sensitive data. “If there is sensitive data detected, then remediation actions can pop in and alert the user, alert an administrator or block what the user is trying to do,” he explained. “But if sensitive data is not detected, then no action is taken.”

The “five things that companies don’t likewhat they don’t love about data protection solutions” commonly used today, in his experience, are, he said:

  1. There are false positives that cause problems within an organization. For example, the DLP solution may see a Social Security number when it is, in fact, a nine-digit number that is not a Social Security number. There are also false negatives when the solution is not detecting data accurately and it leaves an organization.
  2. The solution is too time-consuming.
  3. The solution is too complex.
  4. The solution impacts end user productivity such as by over-blocking email and other activities. The solutions used today also tend to slow computers down.
  5. The number one reason is the solution is ineffective. He pointed to the major breach that Sony had a few years ago and other breaches that other major companies have faced in recent years despite the fact that they used DLP.

Dynamic Data Tracing: A “Different Approach”

Cyberhaven has “taken a different approach” with its Dynamic Data Tracing solution,  Thorkelson said.

“We think that every piece of data tells a story,” he noted. Dynamic Data Tracing “monitors all data use, all data activity, all data movement across the enterprise, and in and out of the cloud – and, with that data, Cyberhaven is able to tell the whole story,” he said.

“Rather than focus on the text or the content of a piece of data,” like a Word document, which is what a traditional DLP solution does, “what Cyberhaven does is it adds another element of context – data context,” he pointed out. “And, frankly, we think that data context is better,” he said. After all, “content can change, content can be modified maliciously even and sometimes content just looks like other content,” he noted.

With Dynamic Data Tracing, the “data context that we track [is] factual, it’s unchangeable, it’s undeniable,” he said.

Cyberhaven tracks all the data lineage inside a modern enterprise and takes all the “individual data events and connects the dots” to show users the data flow and accurately classifies all of it and protects it, he added.

To view the full presentation, click here. To view the presentation slide deck, click here.

Presented by Microsoft Azure, the Content Protection Summit was sponsored by SHIFT, Genpact, Akamai, Convergent Risks, Friend MTS, GeoGuard, PacketFabric, Palo Alto Networks, Richey May Technology Solutions, Splunk, Zixi, EIDR, Cyberhaven and Xcapism Learning.

The event was produced by MESA, CDSA, the Hollywood IT Society (HITS) and Women in Technology Hollywood (WiTH), under the direction of the CDSA Board of Directors and content advisors representing Amazon Studios, Adobe, Paramount, BBC Studios, NBCUniversal, Lionsgate, WarnerMedia, Amblin Entertainment, Legendary Pictures, and Lego Group.