Google: Anthony Levandowski, a star engineer brought in to lead the Uber's self-driving automobile efforts was accused of stealing trade secrets (1400 design documents for self-driving cars) two weeks before he left a job at Google link: https://techcrunch.com/2017/05/30/uber-fires-otto-co-founder-anthony-levandowski-due-to-waymo-dispute/
Verizon breach: 14M customer records , a contractor working for Verizon made a configuration mistake that left the system exposed https://www.geekwire.com/2017/lock-doors-people-verizon-breach-unsecured-aws-server-exposes-14m-customer-records/
Anthem, A data breach may have exposed personal health information of thousands of Anthem Medicare enrollees. More than 18,500 Anthem Medicare members' Social Security and Medicare identification data may have been exposed. https://www.cnbc.com/2017/07/31/new-anthem-data-breach-by-contractor-affects-more-than-18000-enrollees.html
So with the concept of “insider = good and outsider = bad as seemingly irrelevant, I am now going to explain why organisations need to take a people focused approach, if they are to address and pro-actively prevent insiders threats. The challenge of reducing the mean time to detect and respond, applies to either internal or external threats – you want to be able to reduce the risk and let your board know what happened.
if you dive deeper there are 3 things that make sense, you need from a technology solution you need to bring the context of the user into play, ie what access do they have and what are they doing with it and marry it with the context of the data, you bring these 2 together with analytics to detect what has happened under one integrated solution that gives you that view to enable you to have comprehensive visibility, intelligence to detect in real-time, and proactively educate the user or take actions from preventing the data from being exfiltrated.
- Session recording