Digital Guardian assessed the risk of losing sensitive data during the Covid-19 crisis in a study called DG Data Trends Report. This global study is based on aggregated and anonymized data from nearly 200 Digital Guardian managed security program customers. It encompasses a wide variety of organizations and industries, including financial services, industrial production, health care and business services.
All of the data analyzed covers the period from 1er January to April 15, 2020. Comparative data relate to the period from 1er January to February 29, 2020 (before the global appearance of COVID-19) and that from 1er March to April 15, 2020 (after the emergence of the pandemic). This study allowed Digital Guardian to compare the data output patterns before and after the transition to telework to assess their impact on the risk of losing sensitive data.
Maintained in telework, the employees of these companies have made extensive use of USB keys as a data transfer and backup medium. Digital Guardian probes counted a 123% increase in the volume of data transferred to USB keys, of which 74% were classified according to DLP (Data loss prevention) policies. Going from surprise to surprise, experts at Digital Guardian observed, dismayed, that USB keys have become, with the cloud, the preferred exit channels for data output, totaling 89% of all data alone.
Considering that the total volume of all data output channels (e-mail, cloud, USB, etc.) increased by 80% in the first month following the declaration of the Covid-19 pandemic by the WHO, we can get an idea of the volume of sensitive information that has been exchanged. After the WHO declared a pandemic on March 11, analysts at Digital Guardian’s Managed Detection & Response service found a 62% increase in malicious activity by external attackers, a number that corresponded to an increase 54% of incident response surveys.
We can argue endlessly about the lack of training of employees in “cyber security barrier gestures”, but unless they have lived in a bubble, cut off from the world, all these last years, a certain knowledge of the elementary gestures of cybersecurity needs to be mastered now. “IT and security professionals should pay particular attention to the surge in the use of USB devices. Indeed, they increase the risk of loss of sensitive data due to their portability and the probability of losing them or having them stolen, ”warns the report.