Following the news about NSA Contractor Arrest, István Szabó Product Manager of syslog-ng/SSB at Balabit commented below.
István Szabó, Product Manager of Syslog-ng/SSB at Balabit:
“While very few details are available about the case of another NSA contractor stealing confidential information, based on the information available thus far, there are some observations that can be made.
Mainly, there is no easy way to characterize insider threats.
Motivation can be political, financial, personal or can simply be attributed to negligence or unawareness of the risks involved. No single tool and no policy can be flexible and powerful enough to capture this variety and complexity and to fully prevent breaches from happening.
A good security arsenal involves an ever-evolving combination of traditional, control-based measures and policies, novel, monitoring and machine learning-based approaches focusing especially on user behavior analytics of high risk users with privileged access. A tool able to associate a risk level to every user based on roles, access rights and peer groups can be very handy.
Another key observation is the importance of monitoring access of third party contractors. Third party contractors accessing IT systems from outside can very easily be directed through a transparent, proxy based privileged user monitoring solution, which offers real time monitoring of ongoing sessions, can offer video like playback of the activities should an investigation be required, can provide evidence for forensics and the data recorded can be used to feed a user behavior analytics solution improving significantly the breach detection and breach prevention capabilities of an organization.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
There are a number of commonly used verification tools out…
Phishing remains a relentless and highly effective cybersecurity threat. Despite…
Each year, Cybersecurity Awareness Month serves as a valuable reminder…
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…