Rise in Insider Threats Drives Shift to Training, Data-Level Security

Rise in Insider Threats Drives Shift to Training, Data-Level SecurityAs the value and volume of data grows, perimeter security is not enough to battle internal or external threats.Data breaches continue to devastate organizations, and the threat from insiders — whether malicious or accidental — continues to grow as the value and volume of data expands at near breakneck speed.
The latest research from Verizon showed that internal actors contributed to 25% of data breaches, and other research has shown insider threats to be on the rise, with more than half of cybersecurity professionals reporting growth in insider threats over last year, according to Crowd Research Partners’ 2017 Threat Monitoring, Detection and Response report (registration required). 
None of this is surprising. Enterprises are accumulating ever-more data for business intelligence. They’re sharing more data with partners, suppliers, customers, and cloud providers, and they’re linking more data to more applications, mobile and otherwise. This activity is the lifeblood of a robust economy and expanding Internet of Things ecosystem, but it also creates more opportunities for increasingly sophisticated cyber attacks and security breaches.
Not Just an Inside JobWith an insider threat, the culprit is already inside the network. Securing the perimeter around the network — which has long been the focus for enterprise security — does not do the job against this kind of a threat, whether it is malicious or unintentional. Nor is focusing on securing the perimeter the best strategy against many external threats. That’s because data-smart companies want to be able to safely give partners, suppliers, and customers access to their networks in order to increase business opportunities.
As a result of this shift, security needs to rest with the data itself, not just at the network level. The move to the cloud elevates the need for data-level protection. To reduce the risk of insider threats, companies and organizations need to focus on three areas:
Hurdle 1: The DataConnected enterprises need and want approved partners inside their networks, but they don’t want everybody to have access to all data. As a result, database technologies today offer flexible and granular access controls to ensure that employees only have the privileges necessary to do their jobs — and nothing else. For instance, someone in Human Resources may be allowed to access work-related salary information but not personal information such as an employee’s home address.
网络安全公益短片扫描二维码的安全风险
使用盗版,不花钱享受了好东西,仿佛是捡了便宜,然而给我们一时快感的盗版会严重伤害我们的未来,因为盗版会压制创新,而创新决定我们的未来。我们的所有员工都签署了反盗版条约,并付诸于行动。
Other types of database security measures also can act directly on data. Encryption technologies require people to have encryption keys to unlock data. Redaction enables companies to hide sensitive data, but share other, related data. For instance, if a patient is enrolled in a clinical trial, data about how that patient reacts to a drug can be shared, but the patient’s personal identified information is not. 
All of these tools improve data-level security. But for enterprises to really wring business intelligence out of their data, they also need to trust their data. This requires good data governance: knowing where data came from, when, how and if it was changed, and by whom. With security at the data level, inside actors face another hurdle.
Hurdle 2: Awareness TrainingEmployee negligence remains the number one cause of most insider security events, concluded CSO’s 2017 U.S. State of Cybercrime survey. All told, 28% of insider security incidents were unintentional or accidental, 18% were intentional, and 8% resulted from theft of insider credentials, according to the survey. In healthcare, the 2017 KPMG Cyber Healthcare & Life Sciences Survey of 100 senior executives reported that a full 55% of organizations have seen employees fall prey to phishing scams. All of this points to a need for better education.
Companies vary in how and how often they train, but the key factor is that employees need to buy into the idea that security is important. Educate them on the value of company data, on different types of data, what’s shareable and what’s not, and why access controls are critical. Remind employees that downed networks and lost data affect business reputations, which may hinder future opportunities. Anyone can relate to the pain and cost of having their identity stolen. A company is similarly vulnerable.
Hurdle 3: Executive Buy-inExecutives set the tone for how important something really is to a particular organization. Are executives investing in security and training? Do they talk about security with employees and with board members? Despite the importance of data security in healthcare, KMPG’s survey found that more than one-third of healthcare organizations don’t even have a CISO, and 6 in 10 boards see cyber-risks as an IT problem as opposed to an issue that has a universal impact.
Hurdle 4: The Promise of Big DataIn the past, security detection was limited to looking for patterns in network-centric data. Now, we have data on servers and in databases, all of which can be monitored and audited to provide a richer set of detection opportunities.  Metadata — data about data, such as data origin, quality, owner, geolocation — creates new opportunities for security anomaly detection. Combine all that data with big data compute power and you have another tool to detect breaches or, better yet, stop them before they get that far.
Related Content:
7 SIEM Situations That Can Sack Security Teams
Ransomware Will Target Backups: 4 Ways to Protect Your Data
GoT & the Inside Threat: Compromised Insiders Make Powerful Adversaries

Join Dark Reading LIVE for two days of practical cyber defense discussions. Learn from the industry’s most knowledgeable IT security experts. Check out the INsecurity agenda here.
如果您的设备不够安全,您的数据可能被泄露、被网络犯罪分子删除或篡改,更可能由于经济利益而被滥用。简单地说,保持这些系统的安全,能帮助保持您的业务安全。

猜您喜欢

通告】东丰县财政局国库集中支付电子化系统信息安全建设设备采购项目 https://www.skxox.com/20170905/1620224704.html
网络犯罪日益猖獗,信息安全专家必须改变安全战略
网络安全法学习课堂
目瞪口呆!奇女子挑战人体柔韧极限
ELBALONROSA WEATHERIZATIONRESOURCE
树立正确的安全事故观