Subscribe
  • Home
  • /
  • Security
  • /
  • ML beats traditional solutions at combating data loss via email

ML beats traditional solutions at combating data loss via email


Johannesburg, 11 Nov 2021
Stephen Osler, co-founder and business development director, Nclose.
Stephen Osler, co-founder and business development director, Nclose.

Traditional data loss approaches have limited to no success in preventing data loss via emails that are accidentally misdirected or sent to unauthorised accounts. However, advanced DLP using machine learning is proving highly effective in reducing sensitive data exfiltration via email.

This emerged during a webinar hosted by Nclose and Tessian in partnership with ITWeb this week.

Stephen Osler, business development director at Nclose, said: “Email remains one of the biggest threats to data security. However, traditional, static DLP policies negatively impact collaboration and cause resistance among employees.”

George Vasey, EMEA partnerships manager at Tessian, said: “On average, 27 500 unauthorised emails are sent each year from organisations with more than 1 000 employees, and this problem is massively underestimated because of a lack of visibility. In addition, an average of 800 emails are accidentally misdirected each year in organisations with over 1 000 employees. Many of these misdirected emails are not reported, and this is a huge issue that can have a serious impact.”

“Most organisations have no way of quantifying misdirected emails, let alone stop them, and traditional solutions fail to prevent misdirected emails, since you can’t stop accidental misdirection with training or policies. Traditional approaches also fail to prevent deliberate data exfiltration, as people can circumvent rules and static policies,” he said.

Vasey said Tessian Enforcer, Tessian Guardian and Tessian Architect address outbound email data loss in enterprise environments. Tessian is also extending its capabilities next year to cloud collaboration and messaging tools, he added.

George Vasey, partnerships manager, Tessian.
George Vasey, partnerships manager, Tessian.

“Tessian uses behavioural intelligence modelling for automatic threat prevention and in the moment coaching of employees. By understanding normal behaviour, we can then identify anomalies, detect threats and provide contextual warnings.”

Alexander Richards, head of the Insider Threat Programme at Investec, said Investec was using Tessian solutions to improve client confidentiality and protection.

“With a content based DLP, you are constantly changing regular expressions, there is a lot of manual changing of rules, and there is the problem of how to escalate. Tessian watches over the shoulder of everyone; uniquely identifies the content being sent; and provides detailed reports to our analysts and executives. It is one of the few security solutions that happens right in the face of staff, in a way that is helpful and not abrupt, and it has been warmly welcomed by staff,” he said. “One of its key use cases is to inform our ongoing awareness and training programmes.”

Vasey elaborated on the features of the various Tessian solutions, while Sam Wolfshohl, partner solutions engineer at Tessian, demonstrated the Tessian dashboard, which can build complex policies, rules and logic blocks, simplify administration and reduce alert fatigue. “With Tessian, you know exactly when something is triggering and why it is triggering,” he said.

Share