Security pros are constantly being warned about insider threats. We’re told our companies need next-generation software, integrated threat intelligence, and the ability to correlate massive amounts of event logs and context to arm ourselves against these threats.We’re told that these tools are necessary to block attacks and to recover from attacks, should they be successful. Unfortunately, when companies eventually figure out that they’ve been compromised, they also discover their systems had been compromised for an extended period of time.“Insider threats can include a combination of malicious insiders, compromised insiders, and careless insiders,” says Wade Williamson, director of product marketing at Vectra Networks. “You will need clear visibility for identifying all of these threats, but they will differ in behavior and how security will be able to detect them.”To read this article in full or to leave a comment, please click here(Insider Story)
How does a company operationalize its risk and security programs? More specifically, with all of the talk about big data, how does a company operationalize its threat intelligence process?
Many companies think they know what the keys are to their kingdom and where the entry points are located. Unfortunately, they soon find out that the most serious breaches often take place somewhere else.
+ ALSO ON NETWORK WORLD: 5 tips for better enterprise security +To read this article in full or to leave a comment, please click here(Insider Story)