Insider Threat: Hunting and Detecting

The insider threat is a multifaceted challenge that represents a significant cybersecurity risk to organizations today.

Some are malicious insiders such as employees looking to steal data or sabotage the organization. Some are unintentional insiders such as employees who make careless mistakes or fall victim to phishing attacks.Identifying insider threats is becoming increasingly important. Malicious insiders often carry out their operations over time, taking steps to hide their activity and remain undetected. This makes it particularly difficult to detect and prevent these types of threats. In fact, malicious insider threat activity often goes undetected and unreported.

Read more…
Source: Mandiant