Insider Threat Detection needs to be Proactive

A recent cybersecurity report found that organizations frequently miss the warning signs associated with an insider threat. The study, The State of Insider Threats 2021: Behavioral Awareness & Visibility Remain Elusive, surveyed 1,249 cyber professionals and utilized their responses along with thousands of past insider threat investigations and incidents to formulate its results. The report found that insiders usually follow the same five basic steps in their attack – known as the insider threat kill chain. The five steps include: reconnaissance, circumvention, aggregation, obfuscation, and exfiltration. The study also demonstrated that almost half of the companies surveyed found it impossible or very difficult to prevent an insider attack at the earliest stages of the insider threat kill chain and only 32 percent of respondents said their company was very or highly effective in preventing the leakage of sensitive information. According to Rajan Koo, Chief Customer Officer, at DTEX Systems, the report’s “findings indicate that in order to fully understand any insider incident, visibility into the nuance and sequence of human behavior is pivotal.” Therefore, the more effective organizations become at monitoring specific behavioral indicators and intervening early when a suspicious action is detected, than the more secure they will be against insider threats going forward. Read more at HelpNetSecurity.