Advertisment

The new normal of work makes Insider Threat Management a tricky affair

author-image
Soma Tah
New Update
Aujas

PCQuest, in association with Aujas Cybersecurity and IBM Security, held a live webinar on the theme of “Strengthening Remote Workforce Security” to give businesses a guided tour on Insider Threat Management.

Advertisment

Cybercriminals never sleep and constantly evolve their attack patterns to take advantage of online behaviour and trends. The COVID-19 outbreak is no exception, said Sunil Rajguru, Editor, PCQuest.  

From devices and networks, threats now have shifted to user and application layers. With almost 90 per cent of employees working from home during the COVID-19 crisis, businesses need to invest in right infrastructure and controls and a well-defined response mechanism to protect themselves from the constantly evolving cyber threats, both inside and outside of the organization.  

The live webinar was well-attended and participants got detailed information on how Insider Threat Management got tricky during COVID-19 crisis and how User Behavior Analytics (UBA) tools can help.   

Advertisment

An insider threat is generally defined as a current negligent or former disgruntled employees, contractor, or other business partners who has or had authorized access to an organization’s network, system, or data and intentionally or unintentionally misused that access to negatively affect the confidentiality, integrity, or availability of the organization’s information or information systems.   

A recent study by the Ponemon Institute recorded a dramatic increase in both the cost and frequency of insider threats since 2018. The average global cost of insider threats rose by 31 per cent in two years to $11.45 million, and the frequency of incidents spiked by 47 per cent.  

Navin Kotian, Co-founder & COO, Aujas said, “Remote Work has significantly increased the cybersecurity attack surface, making businesses revisit the security fundamentals altogether. Risk assessment in this New Normal has become extremely crucial for the organizations. One area that now needs to be monitored more than ever before is that of the ‘Insider Threats’ because employees are not protected by the corporate networks anymore.”  

Advertisment

Sudeep Das, Technical Sales Leader, IBM said, “The existing tools are not sufficient to distinguish between good legitimate users and bad malicious users, because the number of personal mobile devices and online tools used to perform work has grown phenomenally during the lockdown. People are using the same devices for work, online shopping, and entertainment when they are working from home.”  

Das explained how UBA tools leverage out of the box behavioural rules and machine learning (ML) models to add user context to network, log, vulnerability and threat data to more quickly and accurately detect insider threats.  

IBM QRadar User Behavior Analytics (UBA) can help security analysts identify risky user activities and drill down into the underlying log and flow data to identify the factors contributing to those users’ risk score.   

Gnana Prakash, Practice Head-MDR, Aujas explained how Aujas is adding further value to the threat hunts and remediation processes by analyzing trails and past incidents to identify any compromise by comparing logs, flows and user behaviours, etc.   

ml cybersecurity ibm behavior-analytics aujas insider-threats
Advertisment