Personam, Inc Predicts Top 4 Insider Threat Concerns for 2015
McLean, VA: Personam Inc., a leader in insider threat protection technology based on patent-pending machine learning and behavior profiling techniques today revealed Insider Threat Predictions for 2015. The predictions are based on insights gained from the Personam Insider Threat Lab team that monitors and responds to insider threat incidents for enterprise customers.
“Insider threat is traditionally thought to be a malicious employee with access to critical data and systems as part of their work, but a major shift is occurring as a result of huge data breaches like the one Target suffered, where compromised credentials of a supplier were used as the attack vector”, said Personam’s CEO, Chris Kauffman. “While the Snowden incident was caused by deliberate action, often times an insider threat is a result of accidental exposure or simple employee misuse, where phishing attacks successfully deliver malware onto the network.”
Personam’s 2015 predictions:
1. Significant rise in phishing scams
While armies of bots continue to blindly attack layered perimeters with exploits against specific technical vulnerabilities, this method of attack will not produce the most costly headlines in 2015. Despite the seemingly endless array of zero-day vulnerabilities, modern enterprises are heavily defended from external threats.
Cybercriminals and syndicates have learned that phishing scams is an effective way to harvest legitimate credentials that not only allows them inside the perimeter, but also gives them a disguise as a legitimate user. In just one test of business users, more than 80% of participants were unable to detect phishing email. With the success rate of these types of techniques, there will be a significant rise in the sophistication and volume of phishing and spear phishing attacks.
2. Major data breaches by non-hackers
Forget cybercriminal professionals and eastern European hacker syndicates, the real story is that people with little or no advanced technical skill will perpetrate some of the biggest data breaches in 2015. In a recent case that came to light at Amtrak, a secretary to a Train and Engine crew sold passenger data for over twenty years, receiving a total of $854,460 over that time. The point is that the person accused was simply doing their job which provided them with plenty of opportunity to secure data and data assets.
There are many motivations for someone on the inside to deliberately steal sensitive data from disgruntled employee (or former employee) to financial greed to social and political activism. And the reality is that a majority of companies won’t even know about it until it is too late, just like Amtrak. What we saw in 2014 is just the tip of the iceberg. With the combination of ample opportunity along with the right incentive, there will be many more of these cases in 2015.
3. More security budgets include insider threat
In 2015, insider threat will begin to show up as a separate budget line item and priority for cyber security. In part this stems from numerous front page examples of data breaches resulting from compromised accounts that led to outside access. Target was still fresh on the minds of business executives, with over 40 million credit and debit card numbers stolen, when the biggest insider threat story of the year broke – the Sony breach.
In contrast to outsider attacks on networks, insider threats are under reported. The damage and negative impact caused by insider incidents is more often not reported because of concerns about negative publicity. But with even a few number of big incidents making it into public media like Target, it is causing corporate directors and officers to rethink priorities as they will be held accountable for such incidents. As more insider threat incidents hit the news, and damages continues to grow despite increased spending for external threat protection, corporate directors and officers will seek niche technologies that address the potential for and risk of data breaches.
4. Government agencies will still be stuck in planning mode
In November 2012, President Obama issued a memorandum on the “National Insider Threat Policy and Minimum Standards.” Since then, executive branch departments have focused on defining policies and standards, relying on existing background checks and workforce self-reporting, and doing little to actually implement new programs or deploy effective technology for continuous monitoring and threat detection.
Government agencies will likely continue to struggle with budgets and numerous technical evaluation programs. Commercial markets will drive most insider threat capabilities and innovation.
Personam is the leading innovator using advanced analytics and machine learning to detect insider threat attacks in-progress. Personam’s appliance provides passive network monitoring without the dependence of endpoint software agents or pre-defined event input data. Often installed and operational in less than an hour, Personam continuously monitors the behavior patterns of the users and devices on the network. The moment a threat is detected, analysts in Personam’s monitoring center are notified and aid the client with incident response. Personam’s headquarters and research labs are located in McLean, VA. More information can be found at www.PersonamInc.com.