Halfway through the year, 2018 has seen an increase of insider threats that continue to highlight how privileged access is easily abused for a variety of nefarious activities. Tesla, the electronic car manufacturer, was hit by an insider that used their access to sabotage systems and give away trade secrets. A Punjab National Bank employee gained access to sensitive passwords to the SWIFT interbank transaction system. And in a further abuse of user’s privacy and trust, a member of Facebook’s security team leveraged their access to spy on users private data and stalk women.
We often do not like to differentiate between “insider threats” that originate from the outside of an organization–for example ransomware that once on a victim’s machine leverages their access to data on the network to encrypt files–versus an actual employee inside of the organization, because the outcomes while different exhibit similar behavioral patterns. Identifying these behavioral patterns are key in stopping insider threats, however, to do so we have to monitor user and data activity. The latter continues to be a shortcoming for many organizations.
As we continue to monitor growing trends in data security we are reminded that all the well-formed regulations and fancy machine learning in the world won’t help if we aren’t monitoring privileged access and the activity of data.
Start a Free Stealthbits Trial!
No risk. No obligation.