A new app from IBM may be leading the charge into ensuring that insider cybersecurity threats are stamped out. When most administrators think of data breaches, they often jump to actions like closing current vulnerabilities in company software or installing firewalls. While these are obviously necessary measures, what a lot of people forget about is what kind of information employees and outside contractors have access to.
Hackers like to take the path of least resistance when gaining access to a system, and this often means getting ahold of login credentials that allow them to view private company data. The problem here is that it's very hard to know which employees have been compromised until it's too late, an issue IBM intends to solve. The tech giant has created the User Behavior Analytics app for its IBM QRadar security platform designed to analyze login histories in order to mitigate the risks of these kinds of attacks.
Why are insider breaches such a big problem?
"Employees are often the weakest link when it comes to data security."
Before delving into how this app works, it's vital to understand why losing control of login credentials is such a big deal. Although employees are the backbone of any organization, they're sadly often the weakest link when it comes to data security. While a piece of cybersecurity software will never make a mistake, humans very often do.
In terms of data breaches, these missteps generally take the form of weak passwords or mishandling of these pass phrases. According to Verizon's 2016 Data Breach Investigations Report, 63 percent of recorded hacking incidents could be traced back to an employee either having an easy-to-guess password or simply giving them away during a phishing scheme.
While these kinds of problems can be lessened through training programs, at the end of the day, workers are only human and they're eventually going to slip up.
How does the app work?
With this in mind, developers at IBM QRadar decided to take action by monitoring the activities of those who have access to important company information. This new app uses advanced analytics in order to decide whether or not an employee's past access history matches up with current actions.
Another problem a lot of companies deal with is an overabundance of employees with administrative abilities. Lowering this number is a separate issue altogether, but what this means is that there's generally a large pool of workers that have unlimited access to company data. Many of these people don't need to view a large portion of this data, instead logging into the same datasets over and over again.
Breaking away from this habit is hard to see as a human, but a software program such as the one created by IBM can quickly and efficiently see when an employee is doing something that's out of the ordinary. When someone within shipping starts viewing information pertaining to company finances – data this person has never viewed before in their life – IBM's User Behavior Analytics app instantly flags this as a potential breach. Vice president of IBM Security's Strategy and Offering Management Jason Corbin spelled out the significance of this development in the company's press release.
"Organizations need a better way to protect themselves against insider threats – whether they be from inadvertent actors or malicious cybercriminals with access to an organization's inner workings and technology systems," said Corbin. "This new app provides analysts with the ability to quickly pivot by using existing cybersecurity data to see the early warning signs that are often buried in suspicious user activities, ultimately helping them more consistently address breaches before they occur."
IBM certified training can help you fight these kinds of attacks
If this app is as effective as IBM expects it to be, it could revolutionize how companies mitigate the risk of insider data breaches. Therefore, those wishing to be on the front-lines of this kind of technology should look into computer based training within IBM Security QRadar. New Horizons Learning Groups's long list of IBM Security training programs can help you stay on top of current cybersecurity trends and advance your career within the field.