Security Market Segment LS
Thursday, 06 August 2015 15:03

The threat from within - stupidity, bribery, coercion or revenge

By

For the most part enterprise security has been about anti-virus, firewalls, spam and phishing filters all defending the perimeter. All that is necessary but it is not enough especially in where data security is mandated.

LogRhythm, an independent security intelligence company that unifies next-generation Security information and event management (SIEM), log management, network and endpoint monitoring and forensics, and advanced security analytics says that the majority of compromises are now from employees who are coerced, intimidated or bribed to open up security holes or steal data.

It has released the findings of an Australian workplace security study conducted by Galaxy Research of 1003 employees and managers from mid-large Australian companies. Not surprisingly 31% reported at least one recent ‘security event‘ at their workplace.

33% of employees and 43% of managers said that confidential company information is susceptible to being stolen or accessed by unauthorised people. 72% of workers believe the greatest threat to data security is employee related due to them downloading infected files or malware, or simply not thinking about security. And 16% admitted to accessing documents that they shouldn’t really be looking at.

With the growing practice ‘Bring your own device’ and of telecommuting organisations are facing additional risks: 45% of workers and 68% of managers have checked work email while at home. 22% of workers transfer confidential information, even if it is to be used for legitimate work purposes at home, to a personal computer, laptop or USB stick.

I spoke to Simon Howe, LogRhythm’s ANZ Sales Director to get some further insight into just what the company does and how that differs from traditional perimeter protection.

“Companies still need traditional perimeter protection. LogRhythm is an intelligent overlay that analyses in real-time what is going on based on the logs and data from firewalls, active directory, anti-virus, networks and so much more and puts this in an understandable and actionable format. It provides the visibility for threats as they happen. The threat of today is more sophisticated. It may look like an errant login, a bulk copying of data, or unusual employee behaviour. It is only when you overlay a SIEM system over all these disparate data sources can you see what is happening – the mean time to detect is very much shortened,” he said.

“LogRhythm views cybersecurity education as one of its primary drivers. Raising awareness of cybercrime and the dangers to corporations, their employees and customers is crucial to building a culture that always has data security front of mind. This then flows into equipping individuals with the right tools to help them tackle the threat of costly and disruptive cybercrime,” he added.

“The biggest threat today is not from nation states (they can hack in if they want to) but from compromised employees. An innocent – or not so innocent click on a malware link, a stray USB drive containing a malware downloader being used, or covert espionage all happen,” he said.

LogRhythm’s Top Tips for a Security Conscious Workplace:

  • Understand how employees are accessing their work files and build a security solution that will enable them to do their work and not compromise your system.
  • More than 60 percent of cyber-attacks originate from breach of credentials. Remember to tell your employees to store them in a secure location!
  • Employees are great assets to a company but internal breaches are one of the hardest threats to mitigate. Organisations need a solution that will enable them to reduce the mean time to detect such threats and respond before material damage is done.

Subscribe to ITWIRE UPDATE Newsletter here

Now’s the Time for 400G Migration

The optical fibre community is anxiously awaiting the benefits that 400G capacity per wavelength will bring to existing and future fibre optic networks.

Nearly every business wants to leverage the latest in digital offerings to remain competitive in their respective markets and to provide support for fast and ever-increasing demands for data capacity. 400G is the answer.

Initial challenges are associated with supporting such project and upgrades to fulfil the promise of higher-capacity transport.

The foundation of optical networking infrastructure includes coherent optical transceivers and digital signal processing (DSP), mux/demux, ROADM, and optical amplifiers, all of which must be able to support 400G capacity.

With today’s proprietary power-hungry and high cost transceivers and DSP, how is migration to 400G networks going to be a viable option?

PacketLight's next-generation standardised solutions may be the answer. Click below to read the full article.

CLICK HERE!

WEBINAR PROMOTION ON ITWIRE: It's all about webinars

These days our customers Advertising & Marketing campaigns are mainly focussed on webinars.

If you wish to promote a Webinar we recommend at least a 2 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://www.itwire.com/itwire-update.html and Promotional News & Editorial.

This coupled with the new capabilities 5G brings opens up huge opportunities for both network operators and enterprise organisations.

We have a Webinar Business Booster Pack and other supportive programs.

We look forward to discussing your campaign goals with you.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments