• SupraMario@lemmy.world
    link
    fedilink
    arrow-up
    45
    arrow-down
    1
    ·
    1 year ago

    Sounds like they didn’t spend any money on Cyber security’s team to properly implement it then…data exfil %100 would have been picked up by any real DLP solution and even barebones heuristics based EDR would have thrown a red flag as well.

    • Art35ian@lemmy.world
      link
      fedilink
      arrow-up
      43
      arrow-down
      3
      ·
      1 year ago

      Haha, please. You’re talking about machine learning when the best any business is using is antivirus. You forget, Boomers are still running big business and IT departments are running security.

      It’s perfect world vs. real world my dude, and real world puts out tender for the cheapest solution.

      • SupraMario@lemmy.world
        link
        fedilink
        arrow-up
        12
        arrow-down
        3
        ·
        1 year ago

        It sounds like you’ve been working for Mom and pop shops then, and they’re not having audits done. Companies with millions of customers will usually either have in house secops or an mssp handle everything. Point being is, without audits then insurance usually will not be approved for PII loss or they flat out will not work with the company at all. It even more so with HIPAA laws.

    • AlexWIWA@lemmy.ml
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      1
      ·
      edit-2
      1 year ago

      I’ve worked at plenty of companies with exfil protection and people still did this. One has 100 devs and 500 total employees