How Behavioral Analytics Can Protect Businesses From Data Theft

 
 
By Chris Preimesberger  |  Posted 2015-03-17
 
 
 
 
 
 
 
 
 
  • Previous
    1 - How Behavioral Analytics Can Protect Businesses From Data Theft
    Next

    How Behavioral Analytics Can Protect Businesses From Data Theft

    by Chris Preimesberger
  • Previous
    2 - Targeted Cyber-Attacks by Nation-States
    Next

    Targeted Cyber-Attacks by Nation-States

    Sophisticated targeted attacks on governments and companies go undetected for months and even years and are usually discovered by government intelligence or law enforcement after the fact. Behavioral analytics will detect and surface these attacks as they attempt to reconnaissance a network, access and steal data. Even if these attacks attempt to copy normal activities, analytics engines will recognize the differences in behaviors and actions.
  • Previous
    3 - Malware Attacks by Criminal Organizations
    Next

    Malware Attacks by Criminal Organizations

    Whether through stolen identities or phishing attacks, malware finds and exports personally identifiable information (PII) from back-end repositories to be used in fraudulent financial activities. Behavioral analytics will identify malware operating on endpoints or communication across networks, and alert security teams while the attack is in progress. Analytics will detect anomalous actions of a stolen identity as well as anomalous network communications and database access.
  • Previous
    4 - Employees Stealing Data Over Time
    Next

    Employees Stealing Data Over Time

    Insider espionage is an ongoing problem for governments, manufacturers and other industries where global competition is extreme. Behavioral analytics will detect these insider attacks, even when the insider is moving small amounts of data over long periods of time. Clustering analysis of individual activities against like groups of users will detect even low-level anomalous events.
  • Previous
    5 - Employees Who Are Leaving
    Next

    Employees Who Are Leaving

    As many surveys have reported, a majority of employees leaving an organization take sensitive data with them and download it before they announce their resignation. Behavioral analytics will not only detect and surface the employees as they take the data, but will also model activities that predict they are leaving.
  • Previous
    6 - Collaborative Attacks
    Next

    Collaborative Attacks

    In any insider attack, finding collaborators involved in the attack is extremely difficult. Whether it is long-term espionage or a group of exiting employees, when collaboration is involved, threat detection is much more difficult. Behavioral analytics can uniquely connect all the dots in an incident while it is occurring. This includes connecting anomalous actions to multiple users and clearly showing who was and who was not involved.
  • Previous
    7 - Illicit Contractor Activities
    Next

    Illicit Contractor Activities

    Contractors have long been a high-risk channel for data theft, especially when they are located in geographies such as China and India. Behavioral analytics is not limited to endpoint or network data, and can consume and analyze the log data of back-end systems where source code, CAD files, manufacturing process and business plans are stored. When contractors (or any employees) access this data in an attempt to steal it, analytics will detect the anomalous action and alert security teams.
  • Previous
    8 - Insider Negligence
    Next

    Insider Negligence

    Many data-loss incidents are not related to knowingly bad actions but are caused by employees not following governance policies, compliance laws or security procedures. Behavioral analytics is not just detecting attacks; it will also identify anomalous behaviors measured against existing corporate governance and compliance policies and alert managers to employees who are acting recklessly.
  • Previous
    9 - Insider Hacktivist
    Next

    Insider Hacktivist

    Hacktivists not only damage the reputation of a company, but their destructive attacks can shut down systems and destroy computers, leaving a company bleeding cash. Behavioral analytics will quickly identify the extreme anomalous events carried out by either an inside hacktivist or an outside-based attack. Detection and alerting of this type of attack will happen in near real time.
 

Behavioral analytics is a relatively new data security subset that can strengthen an enterprise's threat detection and response capabilities. It does this by first learning the normal patterns of behavior of every person, application, file and machine in the organization. It then can detect and measure anomalous changes in those behaviors. A key trend driving the growth of behavioral analytics is the vast accumulation—and the improving accessibility—of data. Never before have companies stored as much data from endpoint devices, email, network activity and, most recently, intellectual property content repositories. The latter is where behavioral analytics can be a de facto last line of defense to protect the most sensitive data. By aggregating, analyzing and measuring anomalous events—and then connecting them together—a behavioral analytics engine uncovers a prioritized view of the true threats facing an organization, while discounting the massive volumes of otherwise unimportant data. In this slide show, edited by eWEEK and featuring security insight from Ottawa-based Interset and California-based Perforce Software, we offer eight examples of when behavioral analytics may be the right tool to fight data theft.

 
 
 
 
 
 
 
 
 
 
 

Submit a Comment

Loading Comments...
 
Manage your Newsletters: Login   Register My Newsletters























 
 
 
 
 
 
 
 
 
Rocket Fuel