User Patterns: The Real Hole in Threat Detection


The ability to detect and prevent threats stands at the center of most organizations’ security posture. Gartner recently announced that companies now see technology security and compliance as a strategic item, no longer relegated to the tactical. This is with good reason.

Average Security Breach: 263 Days Undetected!

The average breach goes 263 days before detection (no, that’s not a misprint). That same breach (again, on average) costs a cool $3.5 million per incident based on lost revenue, productivity, remediation costs and penalties. Worldwide, this represents a $500 billion problem.

Given the gravity of the financial repercussions, companies are scrambling to pour money into preventive technology and compliant systems, processes and procedures. It’s hard for a CFO to say no these days to plugging a real or perceived gap in security. There’s a hole that many are missing, however, and it’s an area that is starting to move to the forefront of security conversations.

Trusted vs. Untrusted

We’ve all heard the story of the HVAC technician’s admin password being stolen and used. There are countless other breaches just like this one. How to stop it? Typical procedures and processes include better management of subcontractors and more rigid password expiration policies. But that really is just the tip of the iceberg.

Eighty percent of incursions happen using regular, generic IT tools and a stolen password. Smaller companies that work with larger ones are used as a beachhead to gain access. What we need is much deeper investment and technology around predictive pattern analytics.

Consider this. Would you design a physical security system that allowed thousands of employees carte blanche access to sensitive or valuable items – even, say, a bank vault – without checking whether their ID actually matches their face when they have a handful of cash? Heck no! But that’s what IT systems have been built on: trusted and untrusted. Whoever holds the user account is treated as the user.

Following the User, From A to F

To make leaps in our ability to prevent security breaches, we need to analyze quantifiable patterns. Picture a normal user who logs in between the hours of A and B (on average) and accesses system C. He or she usually takes a lunch that is D in length, and logs out between E and F at the end of the day. There are even quantifiable metrics around how quickly they hit the keys on a keyboard to type their password, and the location from which it happens.

By storing, analyzing and – most importantly – alerting security personnel on user patterns, we will be in a much better position to prevent, detect and more quickly remediate threats.
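
To make the A-to-F idea concrete, here is a small sketch added for illustration (it is not from any product or from the original post): it builds a per-user baseline from login history and reports how a new login deviates from it. The account name, systems, locations and thresholds are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample history: (user, login timestamp, system, source location)
HISTORY = [
    ("hvac_vendor", "2024-03-04T08:05", "vendor-portal", "office-east"),
    ("hvac_vendor", "2024-03-05T08:20", "vendor-portal", "office-east"),
    ("hvac_vendor", "2024-03-06T07:50", "vendor-portal", "office-east"),
    ("hvac_vendor", "2024-03-07T08:35", "vendor-portal", "office-east"),
    ("hvac_vendor", "2024-03-08T08:10", "vendor-portal", "office-east"),
]

def hour_of(ts):
    """Login time as a fractional hour of the day (08:30 -> 8.5)."""
    t = datetime.fromisoformat(ts)
    return t.hour + t.minute / 60

def build_baselines(history):
    """Per-user profile: login hours (A to B), systems used (C), locations seen."""
    raw = defaultdict(lambda: {"hours": [], "systems": set(), "locations": set()})
    for user, ts, system, location in history:
        raw[user]["hours"].append(hour_of(ts))
        raw[user]["systems"].add(system)
        raw[user]["locations"].add(location)
    return dict(raw)

def score_login(baselines, event, k=3.0, min_spread=0.5):
    """Return the reasons a login deviates from that user's own pattern."""
    user, ts, system, location = event
    profile = baselines.get(user)
    if profile is None or len(profile["hours"]) < 3:
        return ["no baseline for user"]  # too little history to judge
    reasons = []
    centre = mean(profile["hours"])
    # Floor the spread so a very regular user does not get a zero-width window.
    # Assumption: hours are treated linearly, so shifts spanning midnight
    # would need a circular mean instead.
    spread = max(pstdev(profile["hours"]), min_spread)
    if abs(hour_of(ts) - centre) > k * spread:
        reasons.append("login time outside usual window")
    if system not in profile["systems"]:
        reasons.append("system not previously accessed")
    if location not in profile["locations"]:
        reasons.append("unfamiliar location")
    return reasons
```

A valid password used at 02:40 against a system the account has never touched comes back with three reasons attached, which is the alert a trusted/untrusted model never raises.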

For an overview of security requirements specific to compliance regulations, such as PCI, HIPAA/HITECH, CJIS, and others, view this infographic.

About Rob Curls

As a Solutions Consultant for Concerto Cloud Services, my primary focus is educating customers on technologies that are available and designing solutions that will achieve their strategic objectives. With a focus on cloud solutions, my responsibilities include architecting complex workloads utilizing best-of-breed technology and service providers, developing and presenting in-person and online presentations and demonstrations with customers and industry experts, as well as working with our team to ensure we stay on the cutting edge as a cloud service provider.

With more than 14 years of technology experience, I have a diverse background which has enabled me to work in challenging industries such as Healthcare, Professional Services, and Defense. I’ve consulted organizations ranging in size from small startups to large globally dispersed organizations, and I’d love the opportunity to sit down and discuss your needs.
