Everything should be encrypted
Paul Ayers recommends an all-pervasive approach to data security
MI5 has warned that foreign intelligence agencies are targeting IT workers within big organisations in a bid to gain privileged access to sensitive data.
The grooming of internal sources with access to highly sensitive information is reminiscent of the practices of Cold War spymasters, and MI5 itself has used the analogy – the aim being to encourage more companies to boost their IT defences.
This warning confirms something that we've been saying for a while now: that the abuse of privileged credentials is the next frontier for cybercrime against enterprises.
Perhaps one of the biggest examples of insider threat is the data breach that occurred at US retailer Target. Other organisations that have fallen victim recently include supermarket chain Morrisons and the Korea Credit Bureau.
So it is clear that businesses are still struggling to defend their most critical assets from those who are legitimately within the network perimeter.
There is complexity here, which partly stems from the changing notions about privileged users.
An insider with legitimate access rights could be almost anybody with appropriate credentials to view and modify data across corporate networks, from contractors to system engineers to network maintenance workers.
In addition, users are more lucrative targets these days than ever. Hijacked network credentials can be used to infiltrate corporate networks and such infiltration is now more difficult to detect.
This is yet another reminder that more organisations need to take a different approach to data security. Too many are still putting all their eggs in one basket and spending solely on perimeter security, yet cybercriminals increasingly set their sights on those already inside.
Businesses should constantly monitor their IT systems, detecting and responding to data breaches as soon as they happen – whether internally or externally. All data must also be encrypted.
A modern security framework needs to be designed from the inside out, with controls placed tightly around the most sensitive data and preventing users who already have privileges, such as system admins, from accessing information they simply don't need.
Paul Ayers is an EMEA vice president at Vormetric