In recent years, many organizations looking to safeguard their secrets have turned to data loss prevention technologies to help them prevent sensitive information from going missing, whether at the hands of outside hackers or malicious insiders.
The challenge of safeguarding data against loss, however, is complicated by the fact that, outside of military and government realms, few employees know how to manually classify data, or have an incentive to do so, says Stephane Charbonneau, CTO of TITUS. And what counts as sensitive information varies by organization, depending on its intellectual property, or specific words and contexts.
As a result, "there's more [of a] realization that identifying that data is the first step that we need to do before we can protect it," he says.
In an interview with Information Security Media Group at Infosecurity Europe, Charbonneau also discusses:
- Data loss prevention challenges;
- Best practices for data classification;
- Lessons learned from Edward Snowden's leaks of data from the U.S. National Security Agency information;
- Approaches to classifying data manually or automatically, and the need for related industry standards.
Charbonneau, CTO of TITUS, has significant experience working with large international organizations in the public and private sector. He has worked as senior architect at a major U.S. financial institution and in several Canadian federal government departments.