Compromised Insider
Malicious take over of an account to gain access to organisations data to exfiltrate, corrupt or delete.
The problems it causes organisations?
A user whose account credentials have been harvested may enable an attacker to gain unrestricted access to sensitive company systems or assets.
This can result in the theft of core company intellectual property or other key data such as personnel records and personably Identifiable information (PII).
Without appropriate controls, this activity can occur unnoticed as it’s utilising valid credentials and therefore will not trigger traditional security alerts.
1
%
of all threats involved insiders.¹
1
%
of data breached, there was evidence
of the breach within the log data.²
of the breach within the log data.²
How does Cyberseer's MSS solve this problem?
Cyberseer can identify anomalous activity and surface potential account misuse before the adversary is able to complete their mission, be that exfiltration, corruption or sabotage.
Some of the indicators that support the identification of potential account misuse include:
- Use of user accounts from unusual devices.
- At unusual times of the day / week.
- Access to data outside their normal duties or downloading of data in unusual volumes.
Learn more about our Managed Security Service and the solutions that we provide to keep your organisation safe.
Our MSS is powered by these advanced technologies
Cyberseer Advanced Threat Management utilise technologies from Exabeam, Darktrace, Cylance and Bitglass to support the early identification of Insider threats.
¹ ² ³ ⁴ Exabeam
