John Mc Loughlin, CEO, J2 Software.
Insider abuse and data misuse account for over a third of data breaches in financial service organisations and must be accounted for by controls. Protecting against insider threats requires solutions that can discern between legitimate use and malicious intent and be deployed quickly at tremendous scale.
Many security vendors are claiming to solve insider threats, causing confusion among security teams who are new to the insider threat space. The fact is, insider threats take many different forms, making them difficult to detect, investigate and mitigate.
Insider threat surveillance tools evolved from ’employee monitoring’ software, traditionally deployed to monitor targeted high-risk endpoints or for employees with prior negative conduct or suspicious history.
These solutions rely on invasive capabilities to react to insider threat activities including computer screen recording, conversation content scanning, file content scanning, e-mail content scanning and keystroke logging.
Insider risk management (IRM) solutions then emerged from the convergence of specific attributes taken from endpoint DLP, user activity…
