I’m your CISO, and I’m blind
I’ve been working with CISOs of Fortune 1000 for the last 10 years, and one fact was always apparent – they are responsible for the security of the organization’s most valuable asset – data. However, they are completely blind to the daily sensitive data exfiltration across their hundreds of sensitive enterprise applications.
Global Bank CISO described the situation: I’m detecting 20 malware infected devices every day, but it takes me 3 months to determine the sensitive data exposure on these devices (if at all). With new generation of hackers ramping the lines – identity hijacking, “man-in-the-browser” attacks, APT and malicious insiders – their infiltrations are hidden from existing defense lines, as these attacks footprint identical to a legitimate end user.
I argue that this should be the other way around!
Sensitive data exfiltration activities should be visible in real-time across your enterprise applications. Profiling, peer comparison, and user activity analytics should be performed 24×7 across your applications to detect abnormal behavior before damage occurs.
This is my promise. This is SecuPi.