Blog

Blog

October 22, 2020

Jonathan Daly

Insider Threat Kill Chain - Part 4 - Aggregation

In the previous postings on the Insider Threat Kill Chain we covered how malicious insiders (whether persistent insider threats or flight risks) conduct reconnaissance to learn how to use hacking tools and methods or locate sensitive data and test defensive measures through circumvention. If the threat has not been stopped through either of these steps, the insider’s next action is aggregation; assembling and preparing the data for exfiltration.

Read More

Tags: Insider Threat
October 20, 2020

Jonathan Daly

Insider Threat Kill Chain - Give & Take

We previously discussed the dramatic increase in obfuscation activities found in the DTEX 2020 Insider Threat Behavior Report. More than half of the organizations interviewed saw obfuscation activities – a 450% increase over 2019. These activities included using incognito modes in browsers and bypassing the corporate VPN.

Read More

Tags: Insider Threat
October 12, 2020

Jonathan Daly

Insider Threat Kill Chain - Part 3

In our previous post on the Insider Threat Kill Chain we discussed how indicators of Reconnaissance efforts are different for insider attacks.

Read More

Tags: Insider Threat
October 6, 2020

Jonathan Daly

Hide and Seek

As noted earlier, the DTEX 2020 Insider Threat Behavior Report surveyed hundreds of customers and Global 5000 organizations to learn what type of risky, suspicious, and malicious activity is occurring across their enterprises.  One of the statistics that jumped out at us was a 450% increase in the number of companies observing obfuscation behavior in their employees.  The top violation was employees bypassing corporate VPNs to hide their online activities.

Read More

Tags: Insider Threat
September 30, 2020

Jonathan Daly

2020 Threat Report: Remote and @Risk - Trusted Insider or Malicious Threat

The Covid-19 pandemic and the rapid, forced adoption of a remote workforce has changed how organizations do business. It has also affected opportunities for insider threats. For the DTEX 2020 Insider Threat Report we spoke with hundreds of businesses across a wide range of industries to learn about those changes. For example, what does it mean when an employee uses Incognito mode, downloads a Tor browser, or bypasses the corporate VPN? All three activities obfuscate the employee’s actions. The job of security is to determine if the person is simply protecting their own privacy, masking behavior that violates company policies, or attempting to hide an attack.

Read More

Tags: Insider Threat
September 23, 2020

Rajan Koo

Insider Threat Kill Chain – Part 2

It is increasingly difficult to defend against attacks. This has led security teams to acknowledge the inevitability of a successful infiltration and the adoption of “kill chain” defenses. A “kill chain” defines a set of activities that an attacker must complete successfully in an attack. Stopping any of the individual activities blocks the attack.

Read More

Tags: Insider Threat
September 16, 2020

Rajan Koo

The Insider Kill Chain - Part 1

The “Kill Chain” is a warfare term for the process of targeting and destroying enemy forces in such a way as to make it most difficult for the enemy to continue in the battle.  In information security, it refers to the sequential steps an adversary must complete in a successful attack.

Read More

Tags: Insider Threat
July 22, 2020

Jonathan Daly

New Dtex Intercept 6.0 Puts Human Element at the center of Next-Gen Insider Threat Management

Investments in point solutions and reliance on modules from SIEM and EPP platforms are falling short as evidenced by the increasing number of high-profile data breaches caused by malicious and negligent employees and consultants. These solutions are simply not engineered to monitor and surveil the most critical and common denominator in every business activity: the humans powering the day-to-day operations.

Read More

Tags: Insider Threat , Dtex
May 6, 2020

Jonathan Daly

Dtex Announces $17.5M Funding led by Northgate Capital

The widespread decision corporations have made to allow employees to WFH is a great thing – both for business and for humanity during the COVID-19 crisis. However, it must be done safely. If companies heed this advice, they can ensure that their business run smoothly and, just like their employees, is protected from harm during these trying times.

Read More

Tags: Dtex
March 27, 2020

Jonathan Daly

Top 3 Security Holes to Address for Companies with WFH Employees

The widespread decision corporations have made to allow employees to WFH is a great thing – both for business and for humanity during the COVID-19 crisis. However, it must be done safely. If companies heed this advice, they can ensure that their business run smoothly and, just like their employees, is protected from harm during these trying times.

Read More

Tags: Insider Threat , Remote Workers
December 19, 2019

Jonathan Daly

Analyst Breach Insights, Week of December 19: Looking Back on 2019 and Forward to 2020 and Beyond

At long last, the end of a year -- and a decade! -- looms, and a new one is practically at our doorstep. In light of the end of 2019 and the beginning of a new chapter, this week’s Analyst Insights is all about looking at the big picture.

Read More

Tags: Insider Threat , Insider Threat Analyst Files
November 26, 2019

Jonathan Daly

Analyst Breach Insights Week of November 26: Macy’s Breach(es), the Definition of Insanity, and Breaking the Cycle

In this week’s Analyst Breach Insights, we’re discussing Macy’s recent data breach, as well as the broader question: why is Macy’s continually getting breached, even after facing heavy consequences for it? Where is the recovery effort going wrong?

Read More

Tags: Insider Threat , Visibility , Insider Threat Analyst Files
1 2 3 11

Learn More About How DTEX Can Help
Secure and Optimize Your Business

x

Dtex Systems Partners with Williams Racing Read the News!

Dtex Announces $17.5M in New Funding! Read More!