Potential Leaker Identification speeds your Incident remediation
Data breach prevention is nothing if not a numbers game. Once a leak is detected, the race begins to secure the exposed server or the vulnerable database.
To put all the odds in your favor, CybelAngel is the only Digital Risk Protection Platform to provide you with a Potential Leaker Identification for exposure related to connected storage devices and databases.
Speed up data breach prevention
When you know whose Rsync server is leaking your confidential information, it’s easier to contact them and guide them through the process of securing the data.
With the Potential Leaker Identification, the name of the data leaking device’s owner is documented in the Incident Report, when available. The investigative work necessary to uncover the source of the leak is led by your dedicated CybelAngel cyber-analyst as they complete the Incident Report.
This means the Incident Report is ready for mitigation as soon as you receive it via your CybelAngel SaaS platform.
Cut your investigation-related costs
The fastest-growing cost center among data breach prevention activities is an investigation, with the average cost across all incident types rising 86% in only two years to $103,798*. Such costs encompass the actions necessary to thoroughly uncover the source, scope, and magnitude of the incident.
The Potential Leaker Identification helps you cut investigation-related costs by leveraging CybelAngel cyber-analysts’ unique expertise in data breach prevention.
*source: 2020 Cost of Insider Threats Global Report, Ponemon 2020
What is the Potential Leaker Identification?
The Potential Leaker Identification is a field in your Incident Reports. It is populated by your CybelAngel cyber-analyst upon report completion.
The Potential Leaker Identification field is also available via CybelAngel’s standard API and Connectors.
Please note that the Potential Leaker Information remains a suggestion based on thorough investigative work, but in no way should be considered a definite statement.
Who can see the Potential Leaker Identification field of an Incident Report?
Every user authorized to receive the Incident Report will be able to see the Potential Leaker Identification field.
You received an Incident Report where the Potential Leaker Identification is missing. Why?
In some specific use cases, the Potential Leaker Identification will not be available. When the leak involves corporate connected storage or a malicious actor, it is highly probable that your cyber-analyst won’t be able to retrieve the information.
In such cases, reach out to them should you need further remediation support.