In order to address the growing insider threat problem, many companies are building out programs from within to protect themselves from their own employees, The Wall Street Journal reported Wednesday (Dec. 30).
These threat detection programs are not only said to make data and activity tracking easier but can also monitor specific movements related to an employee’s activity. According to Internet threat monitor experts, companies spanning the financial services industry and both retail and entertainment sectors are investing heavily in detection systems designed specifically to address internal threats.
“I think people are more aware of it and spending more on it now,” Dwayne Melancon, CTO at Tripwire, told WSJ, noting that companies are better able to detect dangerous insider threat activity the earlier they adopt the use of these types of systems.
“The challenge is having enough history to really know what’s normal,” he added. “[New users] tend to over-monitor, and that creates so much data they have to wade through.”
Earlier this year, the “Insider Threat Report” found that 62 percent of the more than 500 cybersecurity professionals surveyed said the number of instances surrounding insider threats have increased over the last 12 months. Despite this, the study still found less than 50 percent of organizations have the right controls in place to prevent insider attacks.
The report further discussed which user categories represent the largest threat, the most vulnerable applications and data, common launch points for attacks, budget trends and more, the company release said.
These types of threats are usually posed by privileged users — such as system administrators, database administrators and managers — who have access to sensitive company information.
“Organizations need real solutions to quickly and simply identify and defend against cyberthreats,” Sue Barsamian, SVP of enterprise security products at HP, told WSJ in an emailed statement.
“We will continue to learn and adapt to these ever-changing threats, but through enhanced analytics and streamlined processes, we are now achieving faster results and detecting breaches before any significant damage occurs,” Barsamian explained.