10. Security investigations , by nature, are reactiveDetect & contain Information Theft without collecting a single email * Ponemon Institute - 78% of US companies have suffered unreported insider breaches; 59% of departing employees steal company information.
17. Process is iterative – re-collection is inevitable Re-active & iterative Labor &cost intensive
18. Insider Theft Trade Secrets – departing employee UBS Accuses Three Quant Traders Of Stealing Its Source Code “UBS has filed a lawsuit against three quant former employees alleging that they stole proprietary trading software with the intent of using it at their new employer, Jefferies & Company.“ The three were also accused of starting their new jobs at Jefferies & Co while still employed at UBS. Uncover IP theft in minutes - without collecting email Early detection = containment!
19. Litigation Investigations Early Case Analytics Internal Investigations Example: M&A press leak. Who inside the company leaked information to the press [shaded grey]? Some individuals are authorized to speak to the press. Some are not! F Keavey who works in R&D should not be communicating with John Edmiston Quickly establish who to investigate and tag suspicious emails.
20. Kick-backs - FCPA Kick-backs - FCPA SEC fines GE $23M for FCPA violations General Electric Company, whose compliance program is among the most respected and admired in the world, has settled civil violations of the Foreign Corrupt Practices Act with the SEC. The company agreed to pay $23.4 million to resolve claims of kick-backs to Iraqi government officials for lucrative supply contracts by four GE subsidiaries paid under the United Nation's oil-for-food program. Quickly assess the severity of the investigation. Co-operate with authorities. Negotiate early. Early resolution = reduced fine and less PR exposure
21.
22. Automated anomalous Behavior reporting: identify high-risk relationships and define policy before incidents occur
KEY POINTSQuickly highlight the relationships that matter, saving time, enabling a risk assessment to be made earlier in the cycleBy knowing who and what to investigate EARLY, our clients save an enormous amount of time and money downstream in the EDRM process.EXAMPLE – JP Morgan - always on log file analysis – 250,000 employees – identify custodians, dramatically reduced the number of pst’s and hence emails that need to be collected, preserved and analyzed.Early Case Analysis and Assessment. How can you make a real assessment when you may not have all the right people, custodians, wrong data etc.The other methods just “tell you that their technology filter data sets down by 95% based on keywords etc” , but it is still looking at the data. One way the Catelas technology is being used for eDiscovery Cases is to analyzes log files from Exchange and other systems even before collecting any emails. The value comes from being able to make sure you have all the right suspects, custodians etc. upfront the first time. This allows functions such as Legal, Compliance, Risk and Information Security to understand both who knows who, how well and a chance to uncover non-obvious relationships, BEFORE a single email is ever collected and get a better handle of what data really needs to be collected. Normal methods of looking at content really may be (too big to look at all the emails, so some just look a snapshot –that still depends on your keywords or how good your search is)…that all changes with Catelas, because you can analyze log files (20GB may = 10-15 MM emails) and Catelas is the only ones doing that today. Avoid over collection and spoliation; preserve the right content by uncovering non-obvious relationships and activity
UBS loses trade secrets theft caseFeb 22 2010The US Financial Industry Regulatory Authority (FINRA) has ruled against UBS in its allegations that three of its former employees stole an algorithmic trading code used by the bank.The arbitration case found in favor of the three employees – Jatin Suryawanshi, Partha Sarkar, and Sanjay Girdhar. According to the UBS complaint, they were accused of misappropriating trade secrets, breach of contract, breach of fiduciary duty, unfair competition and “other wrongdoing” while they were employed by UBS Securities.They were accused of obtaining proprietary company information – in this case the source code for UBS’s algorithmic trading programmes. They were then planning to give the source code to their new employees at investment bank Jefferies & Co, according to the report which appeared in Securities Industry News.Reports said that Sarkar had allegedly copied 25,000 lines of computer source code from UBS computers. This was roughly equal to the length of one algorithm, or parts of several. He then allegedly emailed this code to this personal email account. Suryawanshi was also accused of attempting to hide his colleague’s theft by deleting the records from a UBS computer.The three were also accused of starting their new jobs at Jefferies & Co while still employed at UBS. Suryawanshi was accused of a breach of fiduciary duties by poaching the other two programmers to work for other investment bank. The three former UBS employees had denied the charges.
The Catelas Platform is based our UNIGUE combination of Sciences: Behavioural Analysis, Social Network Analysis, and Data Analytics. We analyze communications data including e-mail, IM and telephony. For the Webmail and external IM we would take a feed from the Firewall.Our advanced network & relationship analysis algorithms allow networks to be analyzed quickly. Within hours, Catelas identifies both the internal and external people who should be investigated, before all the email content is analyzed and reviewed. For example Catelas was deployed in 2 days into one of largest financial services companies, with 40 exchange servers/12 million emails per week, with no disruption to existing systems such as Microsoft Exchange. For example, the strength of a relationship is not solely influenced by the raw number of communications but rather the patterns within the interactions between two people. i.e. During a shared experience – such as working on a project together – the strength of Relationship between 2 people will become stronger faster. This is represented by a burst of interactions. We analyse these burst and other patterns to determine the strength of a relationship.