Malicious activity by trusted users can be very hard to catch, so look for these red flags.
Previous  - slideshow arrow gray left - 6 Ways to Tell an Insider Has Gone Rogue

1 of 7

Next  - slideshow arrow black right - 6 Ways to Tell an Insider Has Gone Rogue

Image Source: Mashka via Shutterstock  - 01 rogueinsider - 6 Ways to Tell an Insider Has Gone Rogue

Image Source: Mashka via Shutterstock

Insiders with legitimate access to enterprise systems and are responsible for far more breaches than many might realize. Granted, very often the breaches are accidental or caused by an individual’s negligence or failure to follow policy – but when a malicious insider is responsible, the results can be disastrous.

Edward Snowden’s 2013 heist of some 1.5 million classified documents from the National Agency (NSA), where he worked as a contractor, remains one of the most spectacular examples of insider theft. But there have been countless other incidents in recent years where organizations have experienced serious data loss or damage to systems and data as the result of malicious activity by an insider.

While enterprises are generally cognizant of the , many have struggled to deal with it. One reason is that most security tools are not truly designed to spot dangerous or potentially malicious activity by someone with legitimate access to an enterprise system or data. In addition, many organizations have been cautious about implementing too many controls for monitoring insider activity for of being viewed as too big brotherly.

“Enterprises are ill-equipped to protect their trusted insiders because legacy systems like employee monitoring or keystroke logging are extremely heavy and invasive to user privacy,” says Christy Wyatt, CEO of Dtex Systems. “This that many organizations have been reluctant to deploy them.”

The key to dealing with insider threats is to keep an eye on all those accessing your most sensitive data in a way that does not intrude on privacy. “There are many critical behavior red flags that you can look for in order to accurately and quickly pinpoint insider threats,” Wyatt says. “Three of the major red flags we see are data exfiltration, obfuscation, and bypassing security measures.”

Here, according to Wyatt and others, are six signs that an insider has gone rogue or is headed that way.

 

Jai Vijayan is a seasoned technology reporter with over 20 years of experience in IT trade journalism. He was most recently a Senior Editor at Computerworld, where he covered information security and data privacy issues for the publication. Over the course of his 20-year … View Full Bio

Previous  - slideshow arrow gray left - 6 Ways to Tell an Insider Has Gone Rogue

1 of 7

Next  - slideshow arrow black right - 6 Ways to Tell an Insider Has Gone Rogue

More Insights



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here