Fortinet’s Jamie Graves Interviewed at RSAC | Insider Threat Detection and Mitigation
nsider threats are at the forefront of every sophisticated CISO’s mind when it comes to risk management. Today, Fortinet announced the acquisition of ZoneFox, a cloud-based solution that identifies insider threats, with the ability to distill billions of events into useful insights using machine learning and big data analytics, and to stop the threat before it spreads.
According to the 2018 Verizon Breach Detection and Investigation Report, 30 percent of breaches involved insiders, and abuse of stolen credentials and privileged access were among the top five activities in such breaches.
With the dramatic growth in the number of users and devices accessing data and cloud resources, enterprises face a number of security challenges, but none greater than threat from insiders. An insider can be an employee, former employee, contractor, business associate, or sophisticated attacker pretending to be an employee. Insiders may have legitimate access to computer systems, but what may appear to be authorized access could actually be a user accidentally or intentionally misusing credentials to harm the organization. A negligent insider could give improper access to others simply due to lack of training or coercion, and a malicious insider could attempt to steal information for financial gain, to benefit another organization or country, or to exact revenge through malicious software left running by an ex-employee. This is not theoretical and, whether known or unknown, is exposing many businesses right now.