This Week's Online-Exclusive Feature
Conducting User Activity Monitoring Using Existing IT Infrastructure
6 March 2019
The term “insider threat” has become commonplace in the lexicon of chief information security officers (CISOs). Events such as the spygate at Tesla, where a former employee “export[ed] large amounts of highly sensitive Tesla data to unknown third parties,” or the arrest of a “senior [US]Treasury Department employee charged with leaking to media about suspicious financial activity reports” have demonstrated that no organization is immune to these devastating breaches of trust, and that organizations need to establish a user activity monitoring (UAM) program to alert them to suspicious activity.
Many CISOs recognize the need to do something and the question is where to start. Many envision that their insider threat problem will be solved with the purchase of an automated tool that monitors their users’ activity, alerts them to potential problems and serves as a panacea for their woes. Unfortunately, this is not at all the case, as, with the purchase of any tool or control, without proper governance, planning, support and oversight, the project will fail to achieve its objectives, leaving the CISO to explain the wasted expense on a costly solution. Read More >>Indicates Online-Exclusive Content