Security firm Imperva praises US memo on insider threats
The memo by US intelligence officials applies to all organisations, says security firm Imperva.

The memo by US intelligence officials urging government agencies to set up insider threat programmes applies to all organisations, says security firm Imperva.



From forensic cyber to encryption: InfoSec17
Security technologist Bruce Schneier’s insights and warnings around the regulation of IoT security and forensic cyber psychologist Mary Aiken’s comments around the tensions between encryption and state security were the top highlights of the keynote presentations at Infosecurity Europe 2017 in London.
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.
The 11-page memo sent to all agencies handling classified data calls for the introduction of methods to detect behavioural changes in employees.
The move comes after whistle-blowing website Wikileaks started publishing thousands of leaked US diplomatic cables.
Anyone in security should read the memo carefully, said Noa Bar-Yosef, senior security strategist at Imperva.
"The memo asks good questions to help government agencies or even private companies assess the possible threat of an insider," he said.
While the memo focuses on raising awareness to help spot insider threats, said Bar-Yosef, awareness is only one part of the solution.
Automation is the other essential element, he said, because being aware only part time is not good enough.
"Security doesn't sleep. For that matter, the government needs to assume that insiders don't sleep either," said Bar-Yosef.
The memo fails to recommend and force readers to consider is automation, he said, which is the only way to monitor systems round the clock.
"Automated scanning and monitoring should help identify not only excessive downloads, but also access to data and documents that simply aren't supposed to be seen," said Bar-Yosef.
Read more on IT risk management
-
Why businesses must think like criminals to protect their data
-
Security Think Tank: Use awareness, education and controls to halt cryptojacking
-
Security Think Tank: Awareness is a good starting point to counter fileless malware
-
Security Think Tank: Human, procedural and technical response to fileless malware
Start the conversation
0 comments