It’s no secret that there’s a massive cybersecurity skills gap. This has been reported for many years and recent reports indicate there’s no sign of it slowing. In fact, the 2018 Cybersecurity Workforce Guide published by (ISC)² contends that the gap actually continues to widen.
The report estimated that the shortage of cybersecurity professionals reached nearly three million globally last year. Due to this shortage, organizations face increased risk; some 59% of respondents to the (ISC)² report said they believe their organization is at “extreme” or “moderate” risk due to this skills shortage. To compensate, enterprises are looking to automate manual tasks that require additional resources, such as hunting down insider threats.
In a recent case study, Bay Dynamics shared the story of a global electronic payment processing giant that was looking for a more advanced approach to managing insider threats. This global payments leader supports more than 6 million merchants worldwide, handles nearly half of all US-based credit and debit transactions, and processes an estimated $1 trillion in transactions annually.
For obvious reasons, insider threat detection is a critical component of their overall security program. To establish a cohesive solutions architecture, the executive in charge of the initiative and his team moved to implement a market-leading Data Loss Prevention (DLP) platform, along with the Bay Dynamics Risk Fabric platform, to provide detailed visibility into user behavior.
When investigating potential user and entity behavior analytics (UEBA) solutions, the company was specifically focused on using a platform that offered deep contextual awareness related to ongoing DLP investigations. By integrating directly with DLP, Risk Fabric would quickly provide detailed identification of those incidents that actually represented problematic activities, allowing for targeted remediation, most often in the form of end user security training.
With Risk Fabric and DLP deployed in tandem, the customer realized significant benefits from key capabilities including:
- Unique bidirectional integration with DLP to provide top-down and operational visibility into changing insider risk posture, with detailed metrics and trending
- Detailed contextual user, incident, and asset value data to prioritize efforts based on organizational risk, including automated remediation steps
- DLP incident matching with other critical data sets to investigate high impact scenarios and policy issues, while eliminating false positives
- Automated data aggregation and bulk analysis across DLP and other security platforms, with customizable dashboards for use by numerous teams
Ultimately, the customer gained detailed visibility into DLP incidents related directly to user behaviors – namely, understanding where individuals reside in the organization and their normal patterns of activity to help pinpoint and remediate problematic events.
Moreover, this strategy allowed the organization to cover more ground related to IT risk mitigation, without requiring additional staff.
For more details on this customer’s successful integration of DLP with Bay Dynamics Risk Fabric, check out the full case study.