Thursday, March 28, 2024

When Data Theft Is an Inside Job

From the University of Nebraska in the U.S. to a leading Canadian credit union, and a dustup between Tesla Motors and China’s Alibaba, insider data theft is trending in IT security anxiety. Insider data theft isn’t new, but it’s a growing problem for organizations of all types and sizes. That’s because personal and business data theft has been increasing in recent years, and many of the perpetrators are insiders.

Worried about Data Theft?

According to a recent survey, 90 percent of organizations feel exposed to ‘insider’ data exploits.IT security professionals, as well as business leaders, are worried, and for good reason. Insider data security threats can expose organizations to data theft and many other types of cybersecurity hazards.

When we hear or read the phrase, “data breach,” it’s easy to think of bad actors wanting to harm or steal data from a business or government agency. But many data breaches occur every day. In these attacks, current or former employees steal data and try to profit from the theft. Verizon 2018 Data Breach Investigations Report cites that more than a quarter (28 percent) of attacks reported were inside jobs. And about three-quarters of these exploits were motivated by profit. “Pure fun” as the report described, was another popular motive.

Plenty of Blame to go around

Insider theft incidents can happen for many reasons. If you’re wondering why insider data theft rates are increasing, look no farther than organizations with:

  • Employees who have a lax attitude about theft. Many employees view data theft as no more serious than taking a pen or paper clips home. In the Black Hat USA 2019 survey of 476 IT security professionals, 24 percent admitted that they would steal company data to sweeten a job application at a competitor.
  • Employeeswho are careless or lack IT security knowledge. Insider threats don’t always involve intentional malice. Often, the cause is employee lack of data protection knowledge or sometimes, simple carelessness.
  • Technical decision makers, who don’t build an IT security culture.Manyemployers don’t use the principle of least privilegeto control access to company data and other assets. Also, employers often fail to train employees in specific security practices and fail to establishan IT security mindset.
  • Modern technology, which exposes IT infrastructure to exploits. Increasing use of APIs and cloud-based services are just two of the time and money-saving advances that make it easier to find and steal datain corporate networks.Technology makes it faster and easier to communicate with and connect to customers, partners, and suppliers worldwide. However, the same technologyprovides more opportunities for data theft.

However, modern DevOps security practices also use advanced monitoring and analytics tools. These advances can detect and prevent data from being accessed, manipulated, or exported by bad actors.

Building Solutions That Protect Against Insider Data Theft

Technologyis a big part of the solution to insider data theft. Companies wanting to combatthis problem are building(or subscribing to)solutions based on several important capabilities. These theft-prevention solutions enable organizations to:

  • Know who’s on the network and what they’re up to. If you can identify suspicious users, monitor their behavior, and alertsystem admins when signs of insider threats occur, you’re more likely to stop bad actors before they can get away.This approach is especially effective when solutions extend surveillance of direct employees to contractors and vendors, who get access to data and systems.
  • Recognize suspicious behavior. Many security organizations use machine learning to compare the behavior of all users against established patterns of normal activity. Non-standard activity helps to identify unusual events and suspicious behavior.
  • Provide immediate alertsof threatening behavior or unauthorized data access.It’s essential that IT and security staffmembers get immediate notification whenanyone gets unnecessary or unauthorized access to sensitive data.
  • Know who interacts with sensitive data and where and when they do it. It’s important to know who in an organization engages with valuable data. For example, employees departing a staff role could be taking data to a black-hat data merchant or to a competitor to increase their chances of landing a job.

Now, companies can subscribe to advanced data theft mitigation services that provide these capabilities and more.

Advanced machine learning and data analytics capabilities monitorand audit behaviour patterns for suspicious activity at on-premises or cloud facilities.

By monitoring many behaviours and signatures in a wide range of data sources,these services can detect and prevent data theft incidents before they occur.And, these convenient, cost-effective cloud services can help organizations avoid the costsand risks of lost productivity, customer trust, and brand reputation.

Website

Latest articles

Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers

A critical vulnerability in Ray, an open-source AI framework that is widely utilized across...

Chinese Hackers Attacking Southeast Asian Nations With Malware Packages

Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two...

CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability

Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft...

Microsoft Expands Edge Bounty Program to Include WebView2!

Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included...

Beware of Free Android VPN Apps that Turn Your Device into Proxies

Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user...

ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms

Despite AMD's growing market share with Zen CPUs, Rowhammer attacks were absent due to...

Airbus to Acquire INFODAS to Strengthen its Cybersecurity Portfolio

Airbus Defence and Space plans to acquire INFODAS, a leading cybersecurity and IT solutions...

Mitigating Vulnerability Types & 0-day Threats

Mitigating Vulnerability & 0-day Threats

Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.

  • The problem of vulnerability fatigue today
  • Difference between CVSS-specific vulnerability vs risk-based vulnerability
  • Evaluating vulnerabilities based on the business impact/risk
  • Automation to reduce alert fatigue and enhance security posture significantly

Related Articles