Insider Threat: A recipe for loss
There are three means by which an organization can suffer damaging loss of sensitive data, valuable information, plans, or classified information:
(1) Theft committed by those with malicious intent,
(2) Sabotage committed by those with malicious intent, and
(3) Loss or damage caused by reckless behavior, carelessness, and disregard for security policies designed to protect internal organizational resources. It is extremely difficult to hide behaviors resulting from malicious motivations (there are many) or even disregard for policies. InAlyzer is designed to identify behaviors in the workplace stemming from these underlying causes based on observations and processed by behavior analytics. InAlyzer augments network monitoring with a very much needed behavior based assist.
Typical Approaches to the Detection of Insider Threat
Typical approaches to detection of insider threat rely solely on monitoring network activities. Network intrusion methods have been focused on external attempts to gain access for malicious purposes for decades. These methods have been adapted over the years to identify insiders who already have network access and use such access to conduct theft or cause damage within an organization. Such systems are useful if the insider uses organizational networks in inappropriate ways. However, there are numerous ways to steal or cause damage not network related. Using smart phone cameras and miniature photo/video recording devices may be used to capture laptop screens, plans, whiteboards, etc. with no network violations. However there are signs in the workplace of malicious intent, recklessness, and many motivators leading to loss and damage that are not captured with network monitoring.
Inalyzer: A Paradigm Shift in Identifying Insider Threat
InAlyzer is a significant departure from network monitoring methods. Because there is a multitude of non-network methods to conduct theft or cause damage, workplace behavior associated with malicious intent and carelessness can be observable in the workplace as well as precursors leading to loss. By focusing on observable behaviors and precursors associated with past cases of loss perpetrated by insiders including corporate and government espionage, InAlyzer has incorporated extensive behaviors combined with advanced pattern classification to differentiate between those who are not likely to present insider threat versus those who exhibit behaviors associated with insider threat. The carefully constructed and unique patent pending InAlyzer method is a necessary and significant addition to current insider threat detection.