Following the news about NSA Contractor Arrest, István Szabó Product Manager of syslog-ng/SSB at Balabit commented below.
István Szabó, Product Manager of Syslog-ng/SSB at Balabit:
“While very few details are available about the case of another NSA contractor stealing confidential information, based on the information available thus far, there are some observations that can be made.
Mainly, there is no easy way to characterize insider threats.
Motivation can be political, financial, personal or can simply be attributed to negligence or unawareness of the risks involved. No single tool and no policy can be flexible and powerful enough to capture this variety and complexity and to fully prevent breaches from happening.
A good security arsenal involves an ever-evolving combination of traditional, control-based measures and policies, novel, monitoring and machine learning-based approaches focusing especially on user behavior analytics of high risk users with privileged access. A tool able to associate a risk level to every user based on roles, access rights and peer groups can be very handy.
Another key observation is the importance of monitoring access of third party contractors. Third party contractors accessing IT systems from outside can very easily be directed through a transparent, proxy based privileged user monitoring solution, which offers real time monitoring of ongoing sessions, can offer video like playback of the activities should an investigation be required, can provide evidence for forensics and the data recorded can be used to feed a user behavior analytics solution improving significantly the breach detection and breach prevention capabilities of an organization.”
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…