Authentication-based attacks remain a primary concern for many of our clients no matter the size or sector of their organization. While knowledge of these threats has increased, understanding the risk factors – and how to remediate them – has not.
Most attacks are premised on stealing data for financial gain, and obtaining access is only the first step. Figuring out where valuable data is located, how it’s protected, and ultimately how to access it will take any infiltrator significant time. So, unsurprisingly, authentication-based attacks go undiscovered for more than 200 days on average. It seems obvious why: to get access to data, one needs a valid identity, and with a valid identity, log files (which is what most existing threat detection solutions are based on) have nothing anomalous to detect! This is why solutions are now starting to come to market based on ‘User Behavior Analytics’ (UBA). Over time, atypical behaviors trend, and UBA systems, in theory, will alert if deviation from an individual’s own – or their peer group’s – activity occurs.
Don’t miss a post! Subscribe to The Insider Threat Security Blog here:
Brad Bussie is an award winning fifteen year veteran of the information security industry. He holds an undergraduate degree in information systems security and an MBA in technology management. Brad possesses premier certifications from multiple vendors, including the CISSP from ISC2. He has a deep background architecting solutions for identity management, governance, recovery, migration, audit, and compliance. Brad has spoken at industry events around the globe and has helped commercial, federal, intelligence, and DoD customers solve complex security issues.
Related Posts
- Impressions from RSA 2019
- Market Trends: Privileged Access and Insider Threats
- Market Trends: Announcing StealthINTERCEPT 5.0 General Availability – With Enterprise Password Enforcer & LSASS Guardian™
- The Year of Ransomware: 2017 Recap and 2018 Predictions
- Market Trends: Risk Based Security – Compliance Based Security – Security Through Obscurity
- Stealing Sensitive Data One User at a Time: The Unlikely Headline
- Prevent Data Theft with File Activity Monitoring
- Market Trends: NYCRR 500 Compliance
- Law Firm Cyber Guidance: Adopting a Least Privilege Model
- Market Trends: Preparing Now – EU General Data Protection Regulation (GDPR)
Leave a Reply