Company Looks Back at What’s to Come in Insider Threat Detection; “Mom’s Favorite Recipes” Made Security Sick, Employees Turned Security Inside Out
December 20, 2016 7:00 AM Pacific Time SAN JOSE, CA — December 20, 2016 — Dtex Systems, leaders in insider threat detection and defense, today unveiled an overview of security incidents that will have taken place by the end of 2017, along with analysis and observations demonstrating why public and private organizations will have fallen prey to them.
“Many predictors issue end-of-year projections that are purely obvious conclusions, providing little to no insight or actionable information,” said Christy Wyatt, CEO at Dtex Systems. “Rather than hedge around cautious statements, we’ve used our technology and expertise to create a year-in-review, a year in advance.”
To determine what some of the top security issues to plague organizations will have been by the end of next year, the company leveraged its comprehensive visibility into user and entity behavior, threat analytics, and its expert analyst team, all of which power the Dtex User Threat Detection Platform. With a detailed understanding of what happened in 2016, Dtex is confident that by the time December 31, 2017 rolls around, this is what will have occurred:
“Mom’s favorite recipes” made security pros ill — In 2017, more than 50 percent of organizations experienced data theft by employees leaving the company. Insiders involved in these violations took simple steps to cover their tracks. One of the most common methods used to avoid detection was simple file renaming. In 2016 assessments, Dtex found that insiders were renaming sensitive corporate files to things like “Mom’s favorite recipes” and “Unimportant” before transferring them to personal drives and into cloud apps. The trend continued through 2017, as organizations did not have tools to provide visibility into when users took steps like these to execute unauthorized file transfers.
Your security was turned inside out… by insiders — Throughout 2016, Dtex customers noticed a trend where employees were using company machines to ask Google questions like, “How do I bypass my network proxy?” These searches frequently led to employees learning how to install VPNs, access blocked sites, run password-override tools and network sniffing tools like Wireshark. This trend continued throughout 2017, seeing usage of proxy bypass or anonymous VPN sites double, leading the industry to conclude that more security restrictions give insiders motivation to get better at evading controls.
Your business moved to the cloud (without your permission) — In 2016, Dtex observed that in 64 percent of company security assessments, publically searchable corporate data was found on the public Internet, without even basic controls like passwords. This problem stemmed from employees and partners sharing files through popular cloud apps like Google Drive via unsecured links. This problem has not been remedied. As a result, in 2017, more than 90 percent of organizations made it possible for anyone to find everything from sensitive IP and regulated data to customer information through simple online searches. A lack of visibility into third party sharing of sensitive information on unsanctioned cloud apps was found to have been one of the primary reasons these types of breaches occurred.
Early in 2017, the company will release its annual Dtex Insights Report. With a deeper analysis of some of the 2016 findings included in this release, the report will provide a detailed look at some of the most common and sophisticated insider threats taking place today. To register in advance for a copy of the report, visit: https://dtexsystems.com/2017-insider-threat-insights-report/.
Like Dtex on Facebook: https://www.facebook.com/Dtex-Systems-297181017056254Follow Dtex on Twitter: https://twitter.com/DtexSystemsConnect with Dtex on LinkedIn: https://www.linkedin.com/company/dtex-systems
About Dtex Systems
Dtex Systems arms enterprises across the globe with revolutionary technology to protect against user threats, data breaches, and outsider infiltration. As the only solution combining unparalleled endpoint visibility with advanced analytics, Dtex is able to pinpoint threats with greater accuracy than traditional security methods without adversely impacting user productivity. To learn more, visit www.dtexsystems.com.