BeyondTrust

Security in Context: The BeyondTrust Blog

Welcome to Security in Context

Bringing you news and commentary on solutions and strategies for protecting critical IT infrastructure in the context of your business.

Predicting Insider Threats

Posted July 19, 2011    Peter McCalister

In the movie Minority Report, police have created a system which predicts crime before it happens in a nightmarish Orwellian scenario. But what if companies could predict who would attack their most valuable assets? What kinds of ethical considerations would arise?

While insider threats are less in number, when they do happen the damage is generally far greater than an outside attack. According to the 2011 CyberSecurity Watch Survey conducted by CSO Magazine and Deloitte, annual monetary losses from breaches average approximately $123,000 per organization.

This past year WikiLeaks has brought new meaning to the concept of insider threat by providing a convenient vehicle to empower staff at government agencies and public/private corporations to quickly and instantly hand over their privileged information to the world.

Researchers at Pacific Northwest National Laboratory believe that combining traditionally monitored cyber security data with other kinds of organizational data is one option or inferring the motivations of individuals, which may in turn allow early prediction and mitigation of insider threats. While unproven outside the lab, researchers believe that this combination of data may yield better results than either cyber security or organizational data would in isolation. However, this nontraditional approach yields inevitable conflicts between security interests of the organization and privacy interests of individuals.

Should warning signs of a potential malicious insider be addressed before a malicious event has occurred to prevent harm to the organization and discouragethe insider from violating the organization’s rules? Predictive approaches cannot be validated a priori; false accusations may harm the career of the accused; and collection/monitoring of certain types of data may adversely affect employee morale.

While predicting insider threats makes for an interesting movie plot, the best bet for organizations in this day and age is to implement privileged identity management solutions to create boundaries that enable end users and applications to communicate freely within an IT environment without worry of intentional, accidental or indirect misuse of privilege.

Leave a Reply

Additional articles

beyond-trust

PowerBroker for Windows – Most Innovative IAM Solution by Cyber Defense Magazine

Posted April 21, 2015    Scott Lang

PowerBroker for Windows has been selected as a winner by the 2015 Cyber Defense Magazine Awards Program in the category of “Most Innovative Identity and Access Management Solution”.

Tags:
, , ,
pbps-customer-campaign-image

Are you changing your passwords as often as the weather changes?

Posted April 20, 2015    Scott Lang

There is one thing that should change more frequently than the weather: Your privileged passwords. Why? If you’re like more than 25% of companies out there, then your current IT environment contains unmanaged accounts putting you at risk of data breaches and compliance violations, and you don’t have a process to control those accounts.

Tags:
, , , ,
webinar1

On Demand Webinar: Advanced Windows Tracing

Posted April 17, 2015    BeyondTrust Software

Webinar: Security MVP, Paula Januszkiewicz, shows Windows administrators how to be more aware of what happens whenever somebody does something within the system.

Tags:
, ,