Access "Analytics and the insider threat: Privileged users and patterns of deception"
This article is part of the December 2013 Vol. 15 / No. 10 issue of 2013 Security 7 award winners revealed
Marketing folks have long identified the promise of big data and analytics, looking for competitive advantages and insights into customer behaviors. Internet users help build these metrics by "liking" this or that, or unknowingly indicating preferences through their daily Web activities. Similar metrics surround those of us in the information technology profession: This data can be mined to help protect our companies. The methodology of using the metaphorical electronic battering ram to break through a company's hard exterior is gone, but not forgotten. Most security teams now understand how to protect against these attacks. Security professionals are even getting more talented in spotting those pesky advanced persistent threats (APTs) that parachute into our companies and open up the unwanted outbound conduit. When APTs execute and communicate back to the command center, those actions take on the same characteristics as insider threats. Today's security organizations collect logs, use security information and event management (SIEM) correlation engines, ... Access >>>
Premium Content for Free.
Beyond the Page: Breach detection systems
by John Pirc
In the December 2013 Beyond the Page, John Pirc explains why breach detection systems are an essential security tool in a malware-infested world.
Banking on intelligence-driven security
by Jason Witty
Security 7 Award winner Jason Witty discusses how rapid change requires a disciplined, collaborative approach to information security.
Analytics and the insider threat: Privileged users and patterns of deception
by Timothy Rogers
Security professionals should analyze metrics to learn baseline behavioral patterns of their employees and identify anomalous behaviors.
Secure all the (Internet of) Things
by Angela Orebaugh
Despite the promise of the Internet of Things, history will repeat itself unless we take action.
Feature: Enhanced threat detection: The next (front) tier in security
by John Pirc
When conventional security falls short, breach detection systems and other tier-two technologies can bolster your network’s defenses.
- Beyond the Page: Breach detection systems by John Pirc
Wi-Fi connectivity puts pressure on medical device security
by Ali Youssef
Health system's certification program mitigates the risks associated with wireless medical devices.
A full-service model for SIEM
by George Do
The industry needs to recognize the value that full service "SIEM in the cloud" would bring to organizations.
From ABCs to BYOD
by Philip Scrivano
Security 7 Award winner Phil Scrivano heads a BYOD program for the 17 public schools in Los Angeles County, securing network access from kindergarten on up.
Get back to basics for improved network security
by Nick Duda
If your post-mortem meetings are anything like mine, forget the bells and whistles and revisit security best practices.
- Wi-Fi connectivity puts pressure on medical device security by Ali Youssef
Congratulating the 2013 Security 7 Award winners
by Kathleen Richards, features editor
We honor leading information security professionals in seven vertical industries and applaud their achievements in our annual awards issue.
Return on security investment: The risky business of probability
by Pete Lindstrom, Contributor
You are better off with real numbers when it comes to measuring probability and the elements of security risk, even if they are wrong.
- Congratulating the 2013 Security 7 Award winners by Kathleen Richards, features editor
More Premium Content Accessible For Free
Strategies for a successful data protection program
Deploying data protection technologies properly requires a lot of time and patience. While most firms can get started by using preconfigured policies...
Devices, data and how enterprise mobile management reconciles the two
The bring your own device (BYOD) movement, which has flooded the enterprise with employee-owned smartphones, tablets, phablets and purse-sized ...
Putting security on auto-pilot: What works, what doesn't
For so long penetration testing meant hiring an expert to use skill and savvy to try to infiltrate the company system. But, as with most ...