Following the news about the arrest of an NSA contractor, István Szabó, Product Manager of syslog-ng/SSB at Balabit, commented below.
István Szabó, Product Manager of syslog-ng/SSB at Balabit:
“While very few details are available about the case of another NSA contractor stealing confidential information, based on the information available thus far, there are some observations that can be made.
Mainly, there is no easy way to characterize insider threats.
Motivation can be political, financial, personal or can simply be attributed to negligence or unawareness of the risks involved. No single tool and no policy can be flexible and powerful enough to capture this variety and complexity and to fully prevent breaches from happening.
A good security arsenal involves an ever-evolving combination of traditional, control-based measures and policies and novel, monitoring- and machine learning-based approaches focusing especially on user behavior analytics of high-risk users with privileged access. A tool able to associate a risk level with every user based on roles, access rights and peer groups can be very handy.
Another key observation is the importance of monitoring access of third-party contractors. Third-party contractors accessing IT systems from outside can very easily be directed through a transparent, proxy-based privileged user monitoring solution, which offers real-time monitoring of ongoing sessions, can offer video-like playback of the activities should an investigation be required, and can provide evidence for forensics; the data recorded can be used to feed a user behavior analytics solution, improving significantly the breach detection and breach prevention capabilities of an organization.”