Negligence is the top cause of insider threat, with 78% of threats coming from negligent employees, reveals a report released by Forcepoint.
From Left to Right: Alex Lim, Senior Director, Sales, Forcepoint Southeast Asia & Channel Sales and Alliances, Forcepoint Asia Pacific and Japan; Joshua Kooh, Strategic Security Consultant, Forcepoint South East Asia
Forcepoint, previously known as Websense and Raytheon|Websense, emphasizes that insider threats must be solved as 32% of insider crimes are more costly or damaging than incidents perpetrated by external adversaries. On the average, a data breach costs an enterprise $3.8-million.
To address this issue, Forcepoint has introduced to the Philippine market through Transition Asia and ACW its SureView Insider Threat, a tool which provides visibility into user activity enabling early warning and prevention of data theft and loss from hijacked systems, rogue insiders, stolen credentials, and negligent users.
Sureview Insider Threat solves problems using methods such as metadata collection and aggregation; alert aggregation; behavioral analytics; and video collection.
This security tool identifies breach by baselining “normal” user behavior and captures deviations from normal such as change in data access, working hours, email activity or copying files from network to desktop. It can also spot deviations in activity at the endpoint which may indicate a different person using stolen credentials or a system hijacked by malware. These risk indicators serve as warning signs leading up to a breach.
The solution also features a DVR-like video capture and playback of enduser’s activity for both Windows and Mac OS endpoints, providing insight into the possible motivations of suspicious behaviors before they become problems, such as employees creating back doors or stockpiling data. The video playback can provide negligent users with training and education tool while for malicious insiders, the forensic-grade record provides attribution that is admissible in a court of law.
SureView Insider Threat combines with Forcepoint’s Data Loss Prevention solution, a Gartner Magic Quadrant product that provides user behavior context around inappropriate attempts to transfer sensitive data, enabling faster and more targeted remediation. Apart from this, it has the ability to fingerprint an organization’s intellectual property or sensitive document library as it detects fractional movement from any part of a fingerprinted document.
Alex Lim, Senior Director, Sales, SEA and Channel Sales and Alliances, APAC & Japan, at Forcepoint, points out that the company empowers organizations to embrace transformative technologies such as cloud, mobility, Internet of Things (IoT), and others through a unified cloud-centric platform that protects the enterprise against attacks.
Forcepoint, Lim notes, gives enterprises the capability to detect suspicious activity sooner, and provide the context needed to decide what actions to take to defeat the attacks and stop data theft and loss. It also eliminates inefficiencies in managing a collection of point security products.
According to Joshua Kooh, Strategic Security Consultant, South East Asia at Forcepoint, solutions of third-party security vendors can easily be integrated with Forcepoint technologies through the opening up of APIs (application programmable interfaces) to enable these solutions providers to connect into it.
