Most recently ESG/Vormetric came out with a threat report that highlighted the increase in insider threats & the significance to augment perimeter and host-based security. The rationale behind the increase was that more people are accessing the network, increase cloud and network traffic are making it difficult to isolate the problem.
Almost 50% of the organizations believe they are vulnerable to insider attacks and have or plan to invest dollars.
This is alarming!
The top methods noted for these insider threat vulnerabilities were abuse of access by privileged users, contractors, and other employees. Security professionals are finding it quite difficult to monitor the users, traffic, ports, etc to identify and mitigate insider threats. They must glean this information from multiple sources and many times need to translate the data. For example, “whose IP address is this and why is Mary from finance, who is supposed to be on vacation, downloading data from the payroll server?” This process slows the resolution time. The criticality of this type of contextual information is enormous to remediate quickly.
Security needs to be pervasive and consistent to manage these inside threats—so how does one do this? Integrate security into your infrastructure (wireless, wired, VPN)! Once security is woven into your infrastructure it provides the visibility and clarity to respond in a timely manner with a high degree of efficacy and is not dependent on distinct and isolated ingress points.