Insider threats are a problem for every industry, but financial services is by far the prime target for data theft. No other industry is tasked with handling and securing more sensitive data. For large financial institutions with large numbers of employees, it’s critical to have visibility into employee activities that raise red flags signalling potential abuse.
Insider abuse and data misuse account for more than a third of data breaches in financial services organisations. Protecting against insider threats requires solutions that can discern between legitimate use and malicious intent and be deployed quickly at global scale.
Cybersecurity expert and J2 Software CEO John Mc Loughlin says DTEX has helped a global financial institution increase visibility into its insider threat landscape, allowing the company to mitigate against previously unknown threats in a scalable way without interrupting business-critical processes.
“This global financial institution is one of the largest in the US. They quickly understood that it needed to rethink its insider threat strategy following a data breach in which a single privileged employee was able to access and steal sensitive information for more than two years without being detected,” he explains.
While the organisation had some visibility through a legacy DLP solution, the breach made one thing clear: they lacked critical visibility into the potential red flags that could transform any of their 60 000 global employees from insider risks to insider threats.
At the same time, the financial institution’s stringent technology standards made it critical to identify a solution that would not impact employee performance and productivity. They needed to scale user visibility across nearly 70 000 endpoints, integrate seamlessly within the existing tech architecture, and be lightweight enough that it wouldn’t affect employee performance.
Mc Loughlin says the financial institution launched an exhaustive search for a solution that met all of the required parameters. “They knew that a big-box solution like their existing DLP solution would not suffice and quickly ruled out several UEBA solutions that were either too difficult to deploy or did not have the right user data.”
“When the team tested DTEX, they found that not only could it scale across all required endpoints, including Macs, Windows and Linux machines and servers, but that it was cloud-ready and lightweight enough to do so easily without exceeding the company’s strict CPU usage thresholds. The decision was an easy one,” he says.
Once the organisation deployed DTEX, the benefits were immediate. Enhanced user visibility allowed the insider threat team to quickly see and understand suspicious activity by privileged users, as well as monitor activity related to highly-sensitive documents – all without impacting employee productivity or performance.
Insider abuse and data misuse account for over a third of data breaches in financial service organisations and must be accounted for by controls. Protecting against insider threats requires solutions that can discern between legitimate use and malicious intent and be deployed quickly at tremendous scale.
“The DTEX InTERCEPT platform has proven its value in enterprise deployments across world’s largest and most complex banks. DTEX has become a critical element of the financial institution’s security program, enabling them to identify malicious insiders, protect compromised employees and prevent data exfiltration,” he concludes.