(305) 900-4455                                                                                                               
info@skyone.solutions

Support

  • Our Story
  • Cloud Solutions
    • Auto.Sky
    • Auto.Sky Business One
    • Cloud.Guru
    • Sky.Saver
  • Software Suppliers
  • Companies
  • Success Stories
  • Contact
  • The Sky.One Terminal
  • Support
  • English
    • Português
    • English
    • Español

What a CTO Fears the Most and What to Do About It

    Home Uncategorized What a CTO Fears the Most and What to Do About It
    NextPrevious

    What a CTO Fears the Most and What to Do About It

    By Sky.One | Uncategorized | Comments are Closed | 16 September, 2019 | 0

    The cyberthreat landscape is continuing to keep pace with new solutions being marketed by today’s cybersecurity vendors. Even though most security products are on top of things (for now), it only takes one missed step for a company to find itself at the end of a costly lawsuit or PR disaster. 

    Lost in translation of ransomware, DDoS and phishing attacks can be more costly r and even more elusive. You can set up as many firewalls and train your employees against threats emanating from external attacks, but what do you do against those that come from within? 

    Call them insider threats, malicious insiders or sleeper agents, we can all agree that people with harmful intent and access to sensitive information pose a far greater problem than any cyber security threat. 

    If you have been worrying about insider threats, then you are not alone. Veratio’s 2018 Insider Threat Survey discovered 56 percent of IT professionals consider regular employees to pose the biggest threat to their company. 86 percent also feel that confidential company data is exposed. 

    Malicious insiders also continue to make the news, fueling (and justifying) such assumptions. Mercedes had famously sued one of its ex-employees, Benjamin Hoyle, whom they accused of stealing sensitive information and giving it to Ferrari. 

    Similarly, a partner at a venture capital firm was found to be poaching deals from his old company for almost two years because he had access to the company’s Dropbox account. Each time the company proposed a deal, he had his new employer undercut them by making a better offer. 

    The case of malicious insiders is perplexing because there are no immediate solutions that come to mind. They can bypass most, if not all security protocols since they possess access rights by virtue of being an employee. They do not have to leave the company to harm it either and can continue siphoning information while still an employee. 

    Taking defensive measures against employees can also easily fuel organization-wide fear and paranoia where everyone will constantly look over their shoulders and suspect one another, hurting morale and productivity. Obviously, the issue needs to be managed with a certain delivery.

    The Many Faces of an Insider Threat

    While the disgruntled employee taking revenge for a passed promotion is the typical archetype here, insider threats can come in many forms…

    Inadvertent Insiders: Not all threats are intentional. Employees unwittingly committing acts that compromise company data accounted for half the companies worried as per a 2018 insider threat report. Employees that fall into this category generally exhibit compliance and will take due precautions. 

    Errors committed here are isolated and happen by mistake. These can include connecting unsecured personal devices to a company network, sharing information the person is unaware is classified, opening phishing emails on company-issued devices and/or email accounts as well as browsing websites with malicious content. 

    People prone to such actions are also targeted by outside agents as they are far easier to “hack” than a company’s IT security measures. Popular MO used by people here include Man in the Middle (MitM) attacks, tricking the target into clicking infected links or attachments and exploiting misconfigured servers. 

    Insider Collusion: Essentially secret double-agents working within a company, colluders are rare, however, can pose a significant threat to a company’s interests because of their scope of operation. A study by Community Emergency Response Team (CERT) also found collusion to comprise of roughly 48 percent of all insider incidents. These included fraud and intellectual property theft. 

    Persistent Malicious Insiders: These guys know what they are doing and look out for information that can help them gain financial rewards. Also known as “second streamers”, a persistent malicious insider takes special care to remain undetected and attempt to gain access to high priority segments within a company to maximize their efforts. A Gartner study found second streamers to contribute to 62 percent of all insider threats. 

    Disgruntled Employees: People dissatisfied with how they are being treated are more than likely to affect reprisals by stealing (classified) information, or taking it with them when moving to a new job. They may also sabotage a company’s interests by either planting false leads or convincing high performing employees to leave. The infamous Morgan Stanley breach where a financial adviser – Galen Marsh managed to upload the information of 350,000 clients online to Pastebin is a good example of how much damage a company’s own employees can cause it. 

    Combating Insider Threats One Step at a Time

    Current insider threat detection and prevention measures such as dragnet, event detection and manual investigation often fall short as they either generate far too many false positives or require an intensive manual study of each case that can take too long to generate any effective leads. Usually, the management gets nowhere while the breaches continue or regular employees end up becoming malicious as they are treated with a “guilty until proven innocent” attitude. 

    Instead, leading cybersecurity experts propose a three pronged strategy which includes:

    • Microsegmentation
    • Culture Change
    • Prediction

    Microsegmentation: Instead of opting for an off-the-shelf insider threat protection strategy, companies should consider understanding their data and how their workforce interacts with it to gain a better idea of where potential risks lie. 

    A company’s Identity Access Management and HR data can be used to understand which set of employees have access to the most sensitive data assets. Next, employee groups that pose the most threat can be identified so that focussed strategies can be created for them. 

    Furthermore, network segmentation can also be used to provide incremental security to ensure proper access rights are given as and when needed. While existing on-premise and hybrid cloud ERP solutions do indeed allow for microsegmentation, implementation can get tedious as the solution needs to be tailored to every company’s data set and business interests. 

    The vast majority of network segmentation strategies create Virtual Local Access Networks (VLAN), each separated by a firewall or router control lists. But VLANs often require 6-10 months to implement properly during which time applications will need to migrate over to their respective VLANs, causing significant downtime. 

    A better strategy will be to bake microsegmentation into a company’s ERP suite right from the start. Since postmodern ERP solutions can add applications and networks more effortlessly, they make the ideal starting point for a point-defense strategy as well. 

    Postmodern ERP can leverage software defined networks and virtualized networks to allow for a more granular partitioning of data and traffic. Different policies can be created for every scenario, limiting data and application flow between different environments. They also come with access-right security policies and identity analytics out of the box, which can be tailored to each company’s requirements during implementation. 

    Culture Change: While most companies are fixed on catching insider threats, a better way will be to address the drivers that cause malicious activity in the first place. Organizations may find that very specific reasons behind certain types of malicious behavior and may have to design strategies targeted to each microsegment.

    For instance, negligence can be combated by including security drills and targeted intervention into the cultural fabric of the company. Financial stress, flight risk due to poor management or lack of promotion, lack of appreciation and too much competition are all drivers that can be addressed with a little forethought and planning. 

    A company can start by conducting satisfaction surveys to hone in on hotspots. If the surveys hint at a malicious trend, then management can create interventions against it. For example, if a company discovers employees in marketing are dissatisfied with their manager because they are being made to work long hours, then they  can either rotate the manager out or help him/her delegate tasks better to reduce workload.

    Prediction: Managers need to stay ahead of the curve to mitigate insider threats if they are to stop them from manifesting. Much like buyer personas, insider threat personas can be created to study threat types that an organization is most likely to face. Once markers are established and understood, they can be used to take preemptive action against a fermenting threat. Data can be collected from emails, colleague/manager feedback and employee surveys. 

    Concluding Thoughts

    At times, the best defense is a good offense certainly holds true when dealing with malicious insiders. It is well established that it is the human element of a cybersecurity measure that is typically compromised. While modern, cloud-based tools allow greater transparency and segmentation, how a company treats its employees will ultimately dictate whether they turn into an inside threat or not.

    SkyOne specializes in creating tailored productivity solutions for modern enterprises using industry leading technologies and standards.The Auto.Sky platform is configured with high-end security procedures and the power of AWS’ hosting infrastructure to keep companies secure from these types of increasing threats. If you are ever interested in finding out more on how the Sky.One Team designs highly protected cloud environments for your customers, please feel free to contact us to schedule a call.

    No tags.

    Related Post

    • Who invented cloud computing?

      By insidemidia | 0 comment

      Nowadays, we can access the Internet from anywhere in the world safely and rapidly. The technology has evolved steadily, perfecting communication. One of these technologies is Cloud Computing, which allows storing, sharing and providing data,Read more

    • Cloud computing: a tool for every need

      By insidemidia | 0 comment

      It is thought that the term cloud computation or cloud computing was used for the first time at the end of the 1990s, but researchers point out that the concept of sharing information between computersRead more

    • Scalability: the greatest benefit of cloud computing

      By insidemidia | 0 comment

      If you look up scalability in an English dictionary, it means a system’s capacity to expand without losing performance. As it is widely used in the technical field of the IT sector, it has becomeRead more

    • voce-sabe-o-que-e-xaas-evolucao-da-computacao-em-nuvem

      Do you know what XaaS is? The evolution of cloud computing

      By insidemidia | Comments are Closed

      The term XaaS was created with the idea of expressing Something as a Service or Everything as a Service. This acronym refers to the growing number of services delivered on the Internet instead of beingRead more

    • como-convencer-seu-cliente-investir-em-cloud-computing

      How to Convince Your Client to Invest in Cloud Computing

      By insidemidia | Comments are Closed

      Technological innovation. That is the motive for your customer to adopt cloud computing for their infrastructure. With the digital transformation in today’s marketplace, companies, regardless of sector or size, cannot become part of this newRead more

    • 7-dicas-para-otimizacao-de-custos-da-nuvem-aws

      Spot Instances and Tips to Optimize Costs in the AWS Cloud

      By insidemidia | Comments are Closed

      Results of investing in the cloud depend on two primary factors: Increase the performance of the company’s operations and return on investment (ROI). These components validate the project and promote new initiatives allowing cost optimizationRead more

    • saiba-como-reduzir-os-custos-na-nuvem-com-o-aws-spot

      Learn how to reduce costs with AWS Spot

      By insidemidia | Comments are Closed

      Among its priorities in cloud computing, Amazon promotes innovative technologies, information security and passing its cost savings down to the you, the customer. AWS aims to provide the best cloud solution by continually rolling outRead more

    • explore-os-beneficios-da-integracao-de-aplicativos-e-adocao-do-saas

      Explore the benefits of integrating applications and adopting SaaS

      By insidemidia | Comments are Closed

      Cloud computing is the perfect way to rapidly and efficiently put your business applications into operation. Software as a Service (SaaS) is becoming the preferred delivery model for all major software manufacturers in today’s marketplaceRead more

    NextPrevious

    Recent Posts

    • 17 October, 2019
      Comments Off on Four Cloud Success Stories Worth Hearing

      Four Cloud Success Stories Worth Hearing

    • 10-dicas-praticas-para-protecao-de-dados-em-sua-empresa
      23 September, 2019
      Comments Off on 10 practical tips to protect your company’s data

      10 practical tips to protect your company’s data

    • 16 September, 2019
      Comments Off on What a CTO Fears the Most and What to Do About It

      What a CTO Fears the Most and What to Do About It

    • 22 August, 2019
      Comments Off on Is Your On-Premise IT Disaster Ready?

      Is Your On-Premise IT Disaster Ready?

    USA

    78 SW 7th Street, Suite 500,
    Miami, FL 33130, USA
    Phone: +1 (305) 900-4455
    E-mail: info@skyone.solutions

    BRAZIL

    Av. das Nações Unidas, 12399 - 14° Andar
    04578-000 - Brooklin Novo – São Paulo – SP
    Phone: SP+55 (11) 2193-1961
                          RJ +55 (21) 3828-0155
                          MG +55 (31) 3956-0516
    E-mail: contato@skyone.solutions

    ©2018 Sky.One – All Rights Reserved | Privacy Policy

    • Our Story
    • Cloud Solutions
      • Auto.Sky
      • Auto.Sky Business One
      • Cloud.Guru
      • Sky.Saver
    • Software Suppliers
    • Companies
    • Success Stories
    • Contact
    • The Sky.One Terminal
    • Support
    • English
      • Português
      • English
      • Español