Exabeam News Wrap-up – Week of September 19, 2022

We’ll be regularly bringing you a summary of Exabeam’s key topics and headlines. Stay up to date with the Exabeam News Wrap-up!

Malicious Intent or Honest Mistake 

September is Insider Threat Awareness Month, a time to focus on the solutions and preventative measures that individuals and organizations can take to minimize the damage from potential security threats — particularly insider threats. Matt Rider, vice president of security engineering EMEA at Exabeam, explains that each different kind of insider risk can threaten an organization’s security in unique ways.

“The ‘malicious insider’ is an employee who intentionally steals data, either for personal gain or to negatively impact the organization involved – mature security organizations will ensure that they work closely with HR teams to help identify and monitor potentially malicious insiders,” Rider explains. “A ‘compromised insider’, however, generally acts without malice and usually has no idea they’ve been compromised. All it takes is clicking on a link in a phishing email or opening an infected file and their credentials can become compromised. Finally, a ‘careless’ or ‘negligent insider’ is someone who leaves their laptop on the train, walks away from their unlocked workstation, or simply fails to follow cybersecurity best practices. These individuals can be particularly challenging, because their actions are very hard to predict and defend against.”

Uber-Style Cyber Attack Will Happen to Others

Uber suffered a cybersecurity attack recently, and the attacker shared screenshots of the company’s internal systems. Sam Humphries, head of security strategy EMEA at Exabeam, discussed the heightened vulnerability organizations face to insider threats. 

“Almost all of the high-profile breaches we see in the news involve attackers leveraging stolen user credentials to gain access to sensitive data,” says Humphries. “Insiders with access to privileged information represent the greatest risk to a company’s security. This kind of threat can be much harder to detect. After all, an attacker with valid credentials looks just like a regular user. This presents one of the most significant challenges for security teams.”

The New CISO Podcast Episode 75: “Broad Knowledge is Power: Building a Better Security Team” with Bryan Willett

​​In the newest episode of The New CISO podcast, Steve is joined by Bryan Willett, CSO at Lexmark International, Inc, to highlight the importance of collaboration and team building.

With more than two decades of experience, Bryan understands the CISO role and how to support your team. He shares what CISOs can do once they achieve this status to develop their skills further. 

Exabeam Advanced SIEM and UEBA Gives MTI Ltd. a Clearer View of Risk Posture 

Exabeam’s latest case study features MTI. Ltd and their use of Exabeam security information and event management (SIEM) and user and entity behavior analytics (UEBA). MTI was impressed by the UEBA function, which shows a superior ability to break down system user behavior to help identify threats from non-threats. According to MTI, the Advanced Analytics™ timeline feature tops competitor products, providing a unique visual guide about all user and device behaviors across company systems for unmatched risk visibility.

“The obvious benefits of advanced behavior monitoring analytics resulting in rapid threat detection and effective risk management may bring you in as a customer, but don’t be surprised by the continuing rewards of a committed partnership with Exabeam,” said Keisuke Kawakami, a member of MTI’s infrastructure system division.

Celebrating IT Professionals Day

On IT Professionals Day, we celebrate the unsung heroes in tech who keep business running across the digital landscape. In We Are Tech Women, Richard Orange, vice president EMEA at Exabeam, acknowledges that IT professionals are typically only called upon when something goes wrong, and they deserve thanks for all they do.

“From technical to analytical operations, IT specialists are responsible for so many essential aspects of IT systems used by companies and consumers every day,” says Orange. This includes functions such as designing and building technical controls, maintaining technology systems, carefully handling data, and ensuring compliance with privacy legislation. It can be a tedious and difficult role, so it is important to consider and celebrate the work of IT pros not just on IT Pro Day – but every day.”

Stay tuned for the next issue of the Exabeam News Wrap-up!

Defending against insider threats is more than just picking the right security solutions. It’s also defining and creating a security program that pulls people, processes, and technology together to effectively defend against these kinds of threats.

An insider threat is malicious activity against an organization that comes from user credentials with legitimate access to an organization’s network, applications, or databases. These credentials can be current employees, former employees, or third parties like partners, contractors, or temporary workers with access to the organization’s physical or digital assets. They can be privileged or service accounts that have automated download functions or normal activities that have been compromised by an identity-based attack.

Use this checklist as a guide for defining your insider threat defense strategy.