Connect with us

Hi, what are you looking for?

Business

How businesses can protect their organizations from within

The report “User and Entity Behaviour Analytics Protecting your organisation from within”comes from IT Management Insight. Drawing upon the results of a survey (The PwC Global State of Information Security Survey), the report shows how around two-thirds of cybersecurity incidences affecting businesses came from either current and former employees. The learning point is for businesses to adopt robust methods for controlling access to sensitive data and for monitoring access in real-time to prevent data breaches from occurring. These twin steps are presented as being essential for the successful security within any organisation.

The implications of this are often contrary to the security policy of most businesses, where typically security is orientated outwards with most organizations focusing their efforts on potential breaches from external sources.

Considering the internal threat, the report draws on two examples:

a) As employee numbers grow, an organisation’s vulnerability to insider threats increases similarly. This means that sensitive data can be stolen, deleted or exposed by malicious individuals with access to it. One common error is with sharing of network passwords. One survey found that almost half of employees admitted password sharing.
b) Carelessness: damage or theft of data can also occur as a result of simple carelessness or a successful phishing attack. This can arise, for example, from an employee clicking on a link embedded in an textual email.

Given that both of these scenarios can take days or months to detect, the report places great emphasis upon improving monitoring systems. A means to do this is through User and Entity Behavior Analytics (UBEA) software. In Gartner: Market Guide for User and Entity Behavior Analytics, UEBA is defined as software that “successfully detects malicious and abusive activity that otherwise goes unnoticed, and effectively coordinates and prioritises security alerts sent from other systems”.

These solutions look at patterns of human behavior, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns—anomalies that indicate potential threats. Hence UEBA can serve as a powerful tool for detecting and responding to threats posed by internal users. The analytics help businesses to uncover threats and to prioritize and neutralize each incident.

Written By

Dr. Tim Sandle is Digital Journal's Editor-at-Large for science news. Tim specializes in science, technology, environmental, and health journalism. He is additionally a practising microbiologist; and an author. He is also interested in history, politics and current affairs.

You may also like:

Entertainment

This October, renowned Japanese pianist Hayato Sumino will step on Poland's Warsaw Philharmonic Hall stage in the 18th Chopin International Piano Competition.

World

China has confined the residents of entire cities to their homes and rolled out mass testing as it battles its largest coronavirus outbreak in months...

Tech & Science

A House Republican lawmaker’s investigation into the origins of COVID-19 are suggesting coronavirus was released from Wuhan lab.

Business

The 2021 holiday shopping season could be marred by out-of-stock goods and shipping delays in Europe and China.