Did you know that in the US alone each year losses of over $ 300 billion are caused by the data theft of source code, product designs and similar intellectual property? Or that for example in Germany every year data theft and industrial espionage cause a damage of around 50 billion euros? Equally frequently, companies in Switzerland are victims of such offenses which are often not even noticed. Many feel a false sense of security, assuming their own security precautions are sufficient or the're not affected by the problem of data theft and industrial espionage.
Intellectual property can be protected better
We are convinced that investments in the protection of intellectual property rights are increasingly important, especially with the soaring digitalization and dynamic markets. Innovative solutions are needed ever more faster and therefore companies need to be increasingly agile; as such old security concepts no longer meet the requirements of tomorrow.
Particularly in the SME environment, the proportion of unrecognized incidents is large: Because medium-sized companies, unlike large corporations, have less IT resources, their protective measures for IT security are often less comprehensive and structured, what makes them especially vulnerable. In addition to attacks from the outside, data theft by employees provides one of the biggest threats for innovative SMEs. For example, employees who are leaving the company are subject to the temptation to take confidential information and trade secrets to their new employer.
Given this obvious level of threat, continuous investment in prevention measures reduces the security risks. On the technical level data theft by insiders or malicious attacks from the outside can be prevented with relatively little effort. A very effective measure are software-based security solutions aimed at intelligent and accurate detection of threats of the transaction on the data storage, in which the intellectual property of the company is managed. Such solutions for threat detection can be integrated into various software platforms, software and product development tools or as a complementary functionality in source control platforms.
Modern threat detection act at datastorage level and use innovative behavioural analysis and as such observe anonymously all interactions with data, such as source code, product designs and related assets. These interactions receive a risk assessment, and warnings for high risk values are calculated on the basis of activities, users, devices, projects and data. The reliable identification of an unusual behaviour, for example, enables the early detection of possible attempts of theft of data by employees who are just leaving the company. Also the access by suppliers on unauthorized projects and data or activities of external parties who want to retrieve internal files on compromised user accounts are recognized in order to initiate relevant countermeasures.
The use of behavioural analytics for the identification and mitigation of risks in the field of data security represents a paradigm shift: the process of threat detection is optimized from a metadata collection towards an analytical modeling. Behavioral Analytics collects a wide range of information and analyzes in real-time patterns and relationships that are created by the habits and activities of users and their devices. Events that do not meet the normal user behavior are filtered out immediately as soon as they emerge. These anomalies may represent attacks both from within and from outside. In such cases, the analysis tool detects the attack and automatically triggers an alert. As a result, necessary investigations or further steps can be initiated immediately to counter the possible threat before the data is effectively at risk.
State-of-the-art solutions for threat detection focus automatically on the actual threats and the notification thereof. The tremendous amount of data that is not relevant in this context and usually overwhelm the internal security specialists must be ignored or abstracted. Because the warnings are based on anomalies - and not, as with conventional protective measures on all normal output behaviour, the total number of warnings and of false positive results are greatly reduced . The information in a warning is presented visually and easy to use directly in the context of an event. Investigators can then pursue their analysis focused on these warinings which also allow digging into the rood causes in order to clarify whether these are justified or not.