Governance & Risk Management , Insider Threat
Former NSA Deputy Director Chris Inglis on Combating Insider Threats
Part 3 in the 4 part seriesIn this third video of a four-part series, Chris Inglis, former NSA deputy director and current Securonix advisory board chair, sits down with Securonix CEO Sachin Nayyar to discuss today's insider threats.
Over time, the increasing complexity of enterprise systems has necessarily concentrated more power in the hands of individuals. Insiders can access more data, store more, and do more harm than ever before.
"Organizations vastly underestimate the likelihood of an insider attack," says Inglis. "It only takes one in a company of thousands. The proper estimation is one, as in 100 percent likely."
Insiders are not just defined as the employees and contractors within an organization, they are users or entities that operate with privileged access. An insider attack is any misuse of credentials that exploit vulnerabilities presented by privileged access to data and applications.
Traditional security tools are useless against attackers with privileged access and legitimate credentials. Defending the network is good. But what about protecting what really matters: the data! To detect misuse of privilege, organizations must have visibility into their data and real-time analytics of the behavior against it.