Security pros are constantly being warned about insider threats. We’re told our companies need next-generation software, integrated threat intelligence, and the ability to correlate massive amounts of event logs and context to arm ourselves against these threats.
We’re told that these tools are necessary to block attacks and to recover from attacks, should they be successful. Unfortunately, when companies eventually figure out that they’ve been compromised, they also discover their systems had been compromised for an extended period of time.
“Insider threats can include a combination of malicious insiders, compromised insiders, and careless insiders,” says Wade Williamson, director of product marketing at Vectra Networks. “You will need clear visibility for identifying all of these threats, but they will differ in behavior and how security will be able to detect them.”
To continue reading this article register now