DLP SYSTEM AS A COMPONENT OF COUNTERING INSIDER THREATS TO INFORMATION CONFIDENTIALITY
DOI:
https://doi.org/10.28925/2663-4023.2025.30.995
Keywords:
cybersecurity, threats, information security, information leakage, insider attack, personal data, protection measures, DLP, UAM
Abstract
Information security threats, particularly data leaks caused by employee actions, are increasing every year and pose a serious risk to organizations. The consequences of such threats can be devastating, as employees' existing access to information assets and their knowledge of security controls complicate detection and significantly increase the time required to respond to a security incident. One of the most well-known means of preventing internal information security threats is Data Loss Prevention (DLP) systems. The capability to fine-tune rules for tracking sensitive data across the network helps prevent instances where an employee disseminates confidential data due to carelessness or a lack of awareness. Nevertheless, a DLP solution may prove ineffective against motivated insiders who can exploit security control flaws, such as the inability to inspect an encrypted file for sensitive data. This article explores ways to enhance the efficacy of DLP systems against the intentional theft and distribution of restricted information. This is achieved through the continuous interaction of Data Loss Prevention with other security controls, such as access management, user activity analytics, and an organizational corporate culture focused on ensuring information security. An analysis of modern DLP systems was conducted, and criteria were defined for selecting a solution that would best cover the organization's information infrastructure and ensure a comprehensive approach to data protection. The author emphasizes the importance of integrating Data Loss Prevention and User Activity Monitoring (UAM) for the timely detection of and response to suspicious user behavior. The practical implementation of combining DLP and UAM is examined using the example of the Teramind software suite, whose functionality provides not only full control over data usage within the organization's network but also simplifies the process of responding to confidential information leakage incidents. 
The research results include the development of recommendations for increasing the effectiveness of DLP systems in countering insider threats.
License
Copyright (c) 2025 Галина Гайдур, Віталій Марченко, Юрій Борсуковський, В'ячеслав Дмітрієв, Софія Царьова

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.