Register
Promote YOUR BRAND

MYSEC.TV

Home   /   RESOURCES   /   MYSEC.TV   / Insider Threats and Corporate Data exfiltration

Insider Threats and Corporate Data exfiltration

Tech & Sec Weekly
SHARE:

IN THIS VIDEO

Jane Lo, Singapore Correspondent speaks with Dagmawi Mulugeta, Threat researcher with Netskope Threat Labs.

Dagmawi has his OSCP and has previously worked at Cyrisk (a subsidiary of 4A Security), Sift Security (acquired by Netskope), and ECFMG as a researcher, security engineer, and developer. He has innate interests in public CTFs, exploit development, and abuse of cloud apps.

He has his MSc in Cybersecurity from Drexel University. In this interview, Dagmawi shared the behavioural insights found for employees preparing to leave, and how these indicators could enable organizations to protect their data more effectively.

He noted the concern that many organisations have with “flight risk” users – that is, employees that are getting ready to leave – taking corporate data with them. A common question to address this concern, is how to efficiently identify such risks – without sifting through hundreds of alerts and spending hundreds of man-hours.

Dagmawi shared how they approached this problem by analysing anonymized data of over 4 million users from more than 200 different organizations worldwide., and some interesting key revelations:

(i) 15% of leavers used personal cloud apps (e.g. Google drive, Gmail) to take data with them
(ii) 2% were violating corporate policy (exfiltrating sensitive corporate information)
(iii) majority of the data movement happens 50 days before leaving. Dagmawi highlighted how they identified three key signals to filter out alerts with potential flight risks:
a) volume – identifying whether the data being moved is anomalous for the individual in the organisation
b) nature of data – whether the data being moved is sensitive
c) direction – whether the cloud application is outside of the organisation’s management (e.g. google drive).

Wrapping up, Dagmawi recommended that encoding the three signals into the detection systems could help reduce the size for reviews by 43x – that is, for every 50 alerts, the signals could help to filter out the 1 or 2 concerning ones.

Recorded 11th May 2023, 3.30pm, Black Hat Asia 2023, Singapore Marina Bay Sands.

#bhasia #mysecuritytv #insiderthreat

OTHER VIDEOS IN THIS SERIES

zen-05
Delivering Next-Gen Cyber Resilience for the APJ Region
June 6, 2025
We speak with Andreas Hartl, Senior Vice President for the Asia-Pacific and Japan (APJ) region at Zscaler. Andreas is responsible for driving the company’s growth and strategic initiatives across the region. Watch Now
zen-04
Secure and Simplify with Zero Trust Everywhere
June 6, 2025
We speak with Dhawal Sharma, Executive Vice President & Head of Product Strategy at Zscaler on the latest innovations in zero trust to enhance security, simplify access management, and significantly reduce legacy infrastructure costs. Watch Now
zen-03
Harnessing Zero Trust and AI to Outpace Cyberthreats
June 6, 2025
We speak with Deepen Desai, Chief Security Officer & Executive Vice President of Cyber & AI Engineering at Zscaler and the latest zero trust and AI innovations empowering organisations to secure their digital transformation journeys and stay ahead of evolving threats. Watch Now
zen-02
The Risks and Rewards of Agentic AI
June 6, 2025
As we enter the era of agentic AI, we must also address its risks. Watch Now

MySecurity MarketPlace, powered by MySecurity Media is a dedicated marketplace connecting industry and enterprise professionals to the latest events, education, technology and media platforms across a global domain.

LATEST EVENT LISTED

UAV25_600x413_banner_generic
Commercial UAV Expo 2025
'Cyber Revolution Summit 700x480 BR
Cyber Revolution Summit
2nd International Conference on Artificial Intelligence
2nd International Conference on Artificial Intelligence & Data Science

CONNECT WITH US

X-twitter Facebook-f Linkedin-in Instagram Youtube Podcast Google-play Apple

CONTACT US

© My Security Media. All Right Reserved 2019.

Privacy Policy | Terms & Conditions | Competition T&Cs