While a number of organizations have invested in technologies to help detect and defend against external attackers, many companies are starting to better understand the risks from insider threats, which a recently published whitepaper said may actually be a larger issue.
According to the report insider attacks are more difficult to detect and prevent than external ones, with 91% of respondents in a similar survey of IT and security professionals reporting they feel vulnerable to both malicious and accidental insider threats.
“Gurucul mitigates these risks by employing behavioral analytics,” said Craig Cooper, COO of Gurucul. “By combining user and entity behavior analytics, and identity analytics, companies can not only monitor, detect and remove excess access before it is too late, but they can also monitor employee actions by detecting unusual or risky behavior. By detecting when users are acting in ways that contradict their normal behavior and job function, our customers are able to intervene.”
At issue is teams are overloaded with identities and entitlements because of the manual processes built into the static identity management rules and roles. “It is more common than not that users inside the perimeter have access to information they do not need for their job. This gives them the capability to perform abusive tasks within the company. However, insider threats are not always caused by users within the organization. They can also occur when credentials of employees are shared or compromised, which often goes undetected,” wrote Gurucul’s Alison DeNisco Rayome in a July 2 blog post.
Source: Infosecurity Magazine