Following the news that the T-Mobile insider stealing customer data to sell for a profit, Csaba Krasznay Product Manager at Balabit commented below.
Csaba Krasznay, Product Manager at Balabit:
“This is a warning sign for all companies. An employee with privileged access can cause huge problems, therefore their access control and activity monitoring is essential. Utilising User Behaviour Analytics can help prevent insider attacks in real-time. An interesting point in this case is that “the police initiated an investigation”. Usually, companies try to manage such incidents internally, given that if law enforcement become involved, digital evidences are needed, however, most companies don’t possess information that can be used in a legal process (e.g. digitally signed, time stamped audit trails).
This is also timely due to the emergence of the General Data Protection Regulation (GDPR), regulation puts a high responsibility on companies’ shoulders in such data breaches, so everyone should be prepared for appropriate incident management.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.