Lancope’s Tom Cross to Present on Insider Threats at the Cyber Security & Infrastructure Protection Symposium
ATLANTA, September 10, 2013 – Lancope, Inc., a leader in network visibility and security intelligence, will present on the challenge of insider threats at the Cyber Security & Infrastructure Protection Symposium taking place in Washington, D.C. from Sept. 18-19. The symposium will bring together senior-level U.S. government and industry cyber security experts to share insights and best practices for protecting critical infrastructure. Lancope’s director of security research, Tom Cross, will discuss how malicious, negligent and compromised insiders pose a real threat to cyber security, and how organizations can more successfully mitigate these risks.
Over the past several years, there has been a steady stream of reported incidents of authorized users abusing their privileges to sabotage their company or steal confidential data. According to the 2013 Verizon Data Breach Investigations Report, 14 percent of breaches were perpetrated by insiders. Additionally, the report states that 76 percent of the breaches it analyzed involved the use of weak or stolen credentials to gain network access, and 29 percent involved the use of social engineering tactics – making insiders a key point of weakness when it comes to network security.
Insider threat activity can be difficult to differentiate from legitimate network transactions and is often not detected by signature-based security systems that are designed to uncover malware and the use of software exploits. From a technology standpoint, the only way to prevent this kind of attack is to have visibility into what insiders are doing on the network so that suspicious behavior – such as unusually large file transfers or attempts to access restricted areas – can be identified and further investigated. This intelligence should be cross-referenced with insight from other groups such as Executive Management, HR and Legal to identify at-risk individuals and obtain a more comprehensive perspective.
During his talk at the Cyber Security & Infrastructure Protection Symposium, Cross will share industry research on insider threats and provide best practices for faster identification and resolution:
WHO: Tom Cross, Director of Security Research, Lancope, Inc.
WHAT: “Hunting for Malicious Insiders & Compromised User Accounts”
WHEN: September 19, 3:30 p.m. U.S. Eastern time
By collecting and analyzing NetFlow and other flow data from existing infrastructure, Lancope’s StealthWatch® System provides cost-effective, comprehensive network insight for detecting today’s top threats – including insider threats, APTs, DDoS and zero-day malware. IT administrators can leverage NetFlow and StealthWatch to baseline normal network activity and keep a watchful eye on their systems to quickly reveal anomalous behaviors that could signify a security issue. For further information on combating insider threats, go to: http://www.lancope.com/solutions/security-threats/insider-threats/.
Lancope, Inc. is a leading provider of network visibility and security intelligence to defend enterprises against today’s top threats. By collecting and analyzing NetFlow, IPFIX and other types of flow data, Lancope’s StealthWatch® System helps organizations quickly detect a wide range of attacks from APTs and DDoS to zero-day malware and insider threats. Through pervasive insight across distributed networks, including mobile, identity and application awareness, Lancope accelerates incident response, improves forensic investigations and reduces enterprise risk. Lancope’s security capabilities are continuously enhanced with threat intelligence from the StealthWatch Labs research team. For more information, visit www.lancope.com.
# # #
©2013 Lancope, Inc. All rights reserved. Lancope, StealthWatch, and other trademarks are registered or unregistered trademarks of Lancope, Inc. All other trademarks are properties of their respective owners.
Jody Ma Kissling
Lesley Sullivan/Kendra Dorr