This post is also available in: עברית (Hebrew)
Insider threats constitute a serious challenge to system administrators and IT security teams, as they exist in every company and organization, from small businesses to huge corporations, within the ranks of the army as well as in the police forces.
When speaking about insider threats, most of the time people picture a malicious (former) employee, a contractor, a business partner or a mistreated client. In reality, only 35% of all internal incidents that caused data breach were “abuse” or committed with “malicious intent”.
In fact, 65% of these incidents were the result of unintentional data leaks, loss of passwords/passes, negligence in handling or disclosure of the company’s sensitive data and/or trade secrets. Most of the time, non-tech educated employees simply were not aware that it was not safe to use their corporate username/password for personal emails.
An internal threat comes from a person within the company or from an outsider who has an insider access.
The Israeli company Agriyos fights insider threats and corporate data breaches by providing intelligence analysis to security teams working on-site. The company’s analytics solutions help streamline operations and make the city, business or organization operate more securely.
Agriyos utilizes next generation technologies and tools to perform advanced data analysis and proactive intelligence to protect customers against insider threats and data breach. The detection and prevention of internal threats require knowledge in various domains: Data Analytics, Big Data, Data Fusion, Video Surveillance Event Management, Psychology, Behavior Analysis, Biometric Body & Face Recognition, etc.
Companies are unable to keep up with the growing influence that technologies and social media platforms exert on people, and in most cases, the security rules and security action plans of most of the companies need revision and updates.
Another challenge in internal threat prevention has been the miscommunication between executives and their employees. Employees that detect or suspect any illegal activity or not being careful enough in course of their work often don’t feel safe to ask their managers for assistance. This has been one of the causes for (un)intentional data leaks and financial losses.
Corporation executives should take a leading role in creating a safe environment where employees trust executives to ask for help or report on potentially harmful incidents. There is always a reason behind an employee’s lost password or access card.
On the other hand, many executives aiming to improve security treat employees with pointless suspicion.
Sometimes, too much time and energy are spent on network security (firewall, password, etc.) and the insider threat is neglected.
The psychological aspect and human behavior analysis are equally important. While an abnormal behavior in one office could be normal in another, Agriyos’s job is to detect anomalies that can be potentially harmful. The claim that an automatic correlation (software) could be an effective tool in fighting an insider threat is no more than a myth. The method is not proactive, ineffective against complex threats, real-time updates are not always possible, the pre-programmed model in use might not be as effective as other models in specific tasks, and what’s the most important, alerts that are being created are often false.
It is the holistic working environment and systematic training for executives and employees that would create the security shield within the company that will be able to fight insider threat and corporate data breach.
Agriyos showcased its innovative technology and concept at the recent Conference on Big Data for Homeland Security.