Insider attacks still far more difficult to detect and prevent than external cyber attacks
A recent survey conducted by Gurucul of more than 320 IT security experts, found that 15 percent of people said they would delete files or change passwords upon exiting a company.
Most organizations place their focus on defending against and detecting external cyberattacks. However, a more insidious threat is on the rise.
Information security professionals say that insider attacks are far more difficult to detect and prevent than external attacks, making them a big concern for companies.
With identities and entitlements often in a state of excess due to manual processes built upon static identity management rules and roles, it is more common than not that users inside the perimeter have access to information they do not need for their job.
This gives them the capability to perform abusive tasks within the company. However, insider threats are not always caused by users within the organization. They can also occur when credentials of employees are shared or compromised, which often goes undetected.
“By combining user and entity behavior analytics, and identity analytics, companies can not only monitor, detect and remove excess access before it is too late, but they can also monitor employee actions by detecting unusual or risky behavior,” said Craig Cooper, COO of Gurucul.