The Weakest Link

Data Loss Prevention in a financial organisation

ISACA

2 December 2010

Noël Van den Driessche, Group ISO KBC

12/04/23 2

This presentation gives an overview of ideas and techniques used in KBC’s Information Risk Management

programme. Opinions and comparisons expressed, represent the author’s thoughts and do not necessarily

refer to official views of KBC.

12/04/23 3

“Endpoints are the highest risks”Aberdeen Group, 2008

12/04/23 4

Pandora’s box?

12/04/23 5

Protect the data?

Or

Control the perimeter?

Your votes please!

12/04/23 6

500 Terabyte of dataonline in data centre

12/04/23 7

Security Theory:

People

Technology

Process

12/04/23 8

1in hands of

right person?

2for necessary

process?

3with acceptedtechnology?

12/04/23 9

12/04/23 10

84leakage channels

12/04/23 11

Risk-ranking the leakage channels

12/04/23 12

12/04/23 13

12/04/23 14

12/04/23 15

12/04/23 16

34 highest-riskleakageareas

12/04/23 17

White ListBlack List

12/04/23 18

“Only use company-approved techniques”

example

12/04/23 19

“Only provide company-approved techniques”

12/04/23 20

Don’t offer staff techniques thatthey can’t use in a secure way

12/04/23 21

Always installbaseline security

12/04/23 22

34 highest-risk leakage areas: 150 baseline security controls

12/04/23 23

12/04/23 24

DLP requirements analysis

12/04/23 25

12/04/23 26

Decisions?At local level

Behaviour?It all dependson users…

Next steps…

12/04/23 27

Next 38 leakage channels: done

User behaviour & Data whereabouts:Scan: data at rest / data at move Education of users

ongoing

Automated user assist tools

12/04/23 28

Questions?

noel.vandendriessche@kbc.be