When it comes to the scourge of corporate data breaches, it always feels like the worst must be behind us – until the next one arrives with headline-making, head-turning force.
Shockingly, it’s been two years since data disasters at Equifax and Yahoo thrust the public spotlight on the troubling trend of data mismanagement in the digital age, a problem that has only grown worse with time.
Indeed, data loss events are increasing in frequency and severity. Positive Technologies, a global cybersecurity firm, estimates that during certain stretches of 2018, cyber attacks increased by as much as 47% compared to 2017 levels. Overall, the number of companies that reported an intrusion rose 12% in 2018. Moreover, recent data events including the Marriott breach, the Tesla IP theft, and the Goldman Sachs 1MDB scandal are a clear indication that the threat landscape is getting more complex and is bound to present more challenges to organizations around the world.
The good news – if a silver lining can be derived from this environment – is that board members and executives at companies large and small are beginning to take notice. According to a survey by Thales eSecurity, 63% of respondents indicate that they are increasing spending on cybersecurity initiatives to combat the growing threat. At the same time, many have begun to implement preventative solutions to monitor data utilization and to enhance their ability to respond to insider and external malicious threats.
To meet this growing demand, user activity monitoring and insider threat detection, as a software category, is evolving to get ahead of the ever increasing threat to user data. It’s now ready to provide the necessary user behavior analytics to identify and respond to malicious threats in a timely fashion, while also capturing all necessary forensic evidence of the event, allowing the organization and the authorities to take definitive legal action.
While this software category is incredibly nuanced, by providing advanced analytics, insightful intelligence, and effective response mechanisms, it addresses three critical components of data security in 2019.
By the time most data breaches make headlines, they are already old news to the people who perpetrated the crime. It’s estimated that it takes companies 191 days to identify a data loss event, a frighteningly long delay between theft and detection.
To minimize the damage to organizations and customers, a rapid response is critical.
Real-time user activity monitoring (UAM) can alert IT admins of a possible data loss event. However, even real-time monitoring can be too late when it comes to malicious computer activity. For example, it will take an employee only few seconds to send an email containing secret company information. Even immediate action can’t stop this event, but modern User Activity Monitoring (UAM) software comes equipped with behavior-based analytics that can help identify these threats before they can act.
With the power of AI and machine learning, software solutions can build normative user profiles, so behavior anomalies can be detected and analyzed. Employees who access the company’s network at unusual hours, search for data-theft related activities, or are preparing to leave the company are all worth scrutinizing and evaluating. Building upon these analytics, the UAM can then implement rules to monitor and if the conditions allow for it, prevent a dangerous user activity.
While many data breaches are perpetrated by malicious insider threats, others are accidental. For instance, according to Verizon’s 2018 Data Breach Investigation Report, 92% of malware is delivered by email, which employees inadvertently or innocently open, compromising their company’s data integrity in the meantime.