It is becoming increasingly well known that people within organisations pose one of the largest threats to cybersecurity. In 2016, Business Insider reported on an IBM security brief which stated, “The bigger problem is that most of these (cyber) attacks are initiated by “insiders,” such as employees, business partners, or third-party contractors. … based on data from the IBM report, … 60% of all cyber-attacks in 2015 were an inside job, with 44.5% of them designed by “malicious insiders.””
As we move to a mobile first network with increased use of employee own devices (BYOD) and the Internet of Things (IoT); How can we be certain employees are not inadvertently or purposefully placing organisations at risk from a cyber-attack?
Quite simply put, until recently there has been no way of assessing or monitoring your internal risk.
However, this year, Aruba IntroSpect, was crowned the best threat detection product on the market by the infamous Santa Clara Magazine. The solution, a unified approach to detecting inside the perimeter attacks, protects networks against next generation mobile, IOT and cloud threats, even when users and devices have been authenticated by constantly monitoring traffic use throughout the network.
So how does Aruba IntroSpect protect organisations from “Inside the perimeter attacks”?
Aruba IntroSpect detects and protects your network by ingesting BIG data; Utilising AI and Machine learning to analyse data flow, data logs and raw packet data. Creating a compelling baseline behaviour profile of each user and device. By comparing similar job functions and employee/device behaviour over time, Aruba IntroSpect successfully identifies;
- – Rogue employees’ intent on being malicious
- – Compromised devices via stolen credentials or devices
- – Click happy negligent employees who inadvertently click malicious malware
The bottom line is, by adopting Aruba IntroSpect User Entity Behaviour Analytics (UEBA) your organisation will be awarded an unprecedented level of visibility. Here are the facts:
1. ARUBA INTROSPECT IDENTIFIES SUSPICIOUS BEHAVIOUR FROM INSIDERS
- – Each user and device are given an entity 360 risk score based on behaviour to identify “At Risk” employees, partners and third-party providers.
- – Creates a long-term historical record of user and device behaviour.
- – Has integrated forensics that provides a detailed profile of each device over time.
- – Monitors surges in up/downloads.
2. ARUBA INTROSPECT ENHANCES NETWORK PERFORMANCE
- – IntroSpect has the capability to ingest huge amounts of data from almost any source, quickly without a reduction in performance.
- – These performance attributes all equate to rapid detection.
- – Malware previously unnoticed by current security monitoring systems can now be easily identified.
3. ARUBA INTROSPECT’S SEAMLESS INTEGRATION
- – IntroSpect uses Apache Hadoop for its on-premise solution, not only is this the most widely used data storage and processing system, it is the backbone of big data operations, it is highly flexible in nature and can support dynamic adjustments in scope easily.
- – Easily integrates with current SIEM and other network infrastructure providers.
- – Unprecedented end to end capabilities are achieved when integrating Aruba’s Network Access Control solution (ClearPass) together with IntroSpect.
4. ARUBA INTROSPECT REDUCE RESOURCES
- – Introspect reduces resources required to review this style of attack.
- – Standard or advanced solutions tailored to your companies’ requirements and budget are available.
Considering UEBA? NetWireless are experts in network security and can help you today!
NetWireless is a multi-disciplinary IT network and management company specialising in Wi-Fi design, deployment, security and managed services. Speak to our technical consultants today (CALL 1300 324 844) to ensure your network infrastructure needs are met.