Experts Comments: NHS Trust Uncovers Insider Threat

NHS employee was found accessing medical records of over 2,000 patients. The employee had legitimate access to the trust’s electronic health record system, but was accessing them over a period of 18 months with no legitimate reason for doing so.

Experts Comments

September 20, 2019
Jan Van Vliet
VP and GM EMEA
Digital Guardian
For security analysts, spotting security incidents arising from within their company, which is arguably their own customer base, is particularly tricky because, like in this instance, the attacker may have legitimate access. If the credentials being inputted are valid, the same alarms are not raised as when an unauthorised user attempts entry from the outside. Deploying data-aware cyber security solutions removes the risks around the insider threat because even if an adversary has legitimate.....Read More
For security analysts, spotting security incidents arising from within their company, which is arguably their own customer base, is particularly tricky because, like in this instance, the attacker may have legitimate access. If the credentials being inputted are valid, the same alarms are not raised as when an unauthorised user attempts entry from the outside. Deploying data-aware cyber security solutions removes the risks around the insider threat because even if an adversary has legitimate access to data, they are prevented from copying, moving or deleting it. What’s important when it comes to insiders, in whatever guise, is to be able to detect malicious or suspicious activity and produce real-time, priority alerts that analysts know must be addressed immediately.  Read Less
September 20, 2019
Barry Shteiman
VP Research and Innovation
Exabeam
Organisations need to be able to detect unusual activity from valid machines and users, which is why behavioural analytics has grown so quickly over the last couple of years. While standard security technology focuses on “can you access this data?” behavioural analytics focuses on “should you be accessing this data?” – this is much more useful for detecting threats in the NHS, which can compromise entire corporate machines. Behavioural analytics is also the only way to get real.....Read More
Organisations need to be able to detect unusual activity from valid machines and users, which is why behavioural analytics has grown so quickly over the last couple of years. While standard security technology focuses on “can you access this data?” behavioural analytics focuses on “should you be accessing this data?” – this is much more useful for detecting threats in the NHS, which can compromise entire corporate machines. Behavioural analytics is also the only way to get real insight into the insider threat. It can tell an organisation when someone is doing something that is unusual and risky, on an individual basis and compared to peers.  Read Less
What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Share on facebook
Share on twitter
Share on linkedin

Recent Posts

Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics

Twitter Facebook-f Linkedin Youtube

Working With Us

The Pages

Our Contributing Experts