Following the news that an NSA contractor was arrested for allegedly stealing inside information, IT security experts from STEALTHbits Technologies and Prevoty commented below.
Mark Wilson, Director of Product Development at Stealthbits Technologies:
Insider threat is the most realistic and largest threat to corporate data. No intrusion detection or perimeter security measure can account for this.
An internal bad actor with motivation and the correct credentials can and will infiltrate an organization’s Crown Jewels – sensitive data. Why? Because it has monetary value.
The insider threat or bad actor has two things in their sight: credentials and data. The challenge is how to minimize the attack surface, alert to a breach, and preferably, stop the activity before it can occur.
This can only be achieved by understanding what the insider threat is and their motivation, by applying suitable measures to alert to and stop the nefarious activity in the first place.
More often than not, the insider attack is only realized long after the event as borne out by the fact this breach occurred two years ago.
No level of security clearance can account for privilege and motivation. Therefore the only way to address this is to consider least level of access best practices for privileged credentials and minimizing permissive and accessible access to data.”
Julien Bellanger, Co-Founder and CEO at Prevoty:
“Digital data, whether business trade secrets or government sensitive documents, is the holy grail for any hackers. We must continuously monitor digital and physical assets’ movements at any time to avoid these kinds of leaks.
Our industry challenge is to build real time visibility across the network, the application, the databases and the end-points to tracks sensitive information transactions. We have historically focused too much on infrastructure and not enough on data protection to efficiently protect against data theft.”