Compromised Insider
Malicious take over of an account to gain access to organisations data to exfiltrate, corrupt or delete.
The problems a compromised insider can cause.
A user whose account credentials have been harvested may enable an attacker to gain unrestricted access to sensitive company systems or assets.
This can result in the theft of core company intellectual property or other key data such as personnel records and personably Identifiable information (PII).
Without appropriate controls, this activity can occur unnoticed as it’s utilising valid credentials and therefore will not trigger traditional security alerts.
1
%
of data breached, there was evidence
of the breach within the log data.²
of the breach within the log data.²
1
%
of all threats involved insiders.¹
How does Cyberseer's MSS solve this problem?
Cyberseer can identify anomalous activity and surface potential compromised insider before they are able to complete their mission, be that exfiltration, corruption or sabotage.
Some of the indicators that support the identification of potential account misuse include:
- Use of user accounts from unusual devices.
- At unusual times of the day / week.
- Access to data outside their normal duties or downloading of data in unusual volumes.
Learn more about our Managed Security Service and the solutions that we provide to keep your organisation safe.
Would you like to know more?
If you would like to know more then you can download a data sheet, white paper, request a demo or get in touch with us!
Sources: Exabeam
These advanced technologies power our ASPECT platform
