Visibility is key to tackling insider threat and data breaches

Visibility is key to tackling insider threat and data breaches

Sudhakar Ramakrishna, CEO of Pulse Secure

There’s a lot of weight given to external threats that cause data breaches and not enough to the insider threats which is a very real issue. Whether it’s a disgruntled employee, a malicious employee, an opportunistic employee, or even an employee under pressure from a criminal organisation, the data breach will have the same consequences for the organisation – fines to pay and a bad reputation to overcome.

One of the reasons cyber breaches dominate the headlines is because the hackers release what they’ve stolen onto the black market or hacker groups release statements about their achievements. In short, they get the column inches because we know it’s happened. With insider threats, whether they are malicious or not, we often simply don’t ever find out about them. As a result, they don’t get talked about as much and they’re perceived, wrongly, as a lesser or at least a less frequently successful threat but insider threats are very real – you only have to look at the recent Mossack Fonseca breach to understand the risk.

Visibility is key to tackling insider threat and data breaches
Sudhakar Ramakrishna, CEO of Pulse Secure
So how can organisations protect against insider threats?
The first thing that organisations need to understand is that it’s not just full time employees that can get access to the network – it’s also contractors and guests. It’s completely normal for a visitor to request and expect access to your Wi-Fi network while contractors will have even more access. Any one of these can represent an insider threat. The second thing organisations should consider is what these people are accessing on the network and from where. BYOD and remote working is now the norm within most businesses so organisations have to secure their data while allowing access to it from various different locations and from an array of devices with different operating systems.
Then, organisations need to implement policies and technology solutions that clearly define and regulate network access for employees, contractors and guests whilst taking into consideration where and what devices they may be logging in from – a Network Access Control (NAC) solution is what’s required.

Organisations should be looking for NAC solutions that can detect the user, role, device, location, time, network and application and enforce very granular access policies and of course, trigger an alarm if any unusual behaviour is detected. A solution that can take all these factors into account can ultimately red flag an insider threat in action and prevent the unauthorised network, application, or data access before the insider’s device connects to the enterprise network via VPN or Wi-Fi. Not only does this protect the corporate network from the insider threat, it also protects the network from infected devices even if they were not infected maliciously. It also ensures only authorised workers have access to the different enterprise resources they need to complete their job. And of course solutions that capture who was logged in to what part of the network and what they’ve tried to access is incredibly useful intelligence to have during and after a breach.

NAC solutions also need to be compliant, easy-to-use and to easy-to-deploy, scalable and adaptable, and ideally be vendor agnostic.

Choosing a NAC solution that adheres to the toughest government standards with FIPS 140-2 compliance and a Common Criteria assurance level of EAL3+ will future-proof your technology. It’s also important to find a solution that employees don’t find cumbersome or difficult to use; the result will be unhappy and unproductive workers. Scalability and adaptability should also be considerations because work styles evolve and new technologies are always emerging. Solutions that are vendor-agnostic will often be easier to deploy and manage in the short and long term as they will be compatible with existing systems and technologies.

Finally, a NAC solution with one central management console will give end-to-end visibility of who is accessing data, from which device and from what location. We are a long way off preventing every single data breach but this kind of visibility is exactly the type of help an IT security team needs to win the war and protect their organisation against data breaches.

[su_button url=”https://www.pulsesecure.net/” target=”blank” background=”#df2027″ color=”#ffffff” size=”10″ radius=”0″ icon=”icon: arrow-circle-right”]For more information on Pulse Secure click here[/su_button]

About Security Buyer

Security Buyer is the leading authority in global security content, delivering expert news, in-depth articles, exclusive interviews, and industry insights across print, digital, and event platforms. Published 10 times a year, the magazine is a trusted resource for professionals seeking updates and analysis on the latest developments in the security sector.

To submit an article, or for sponsorship opportunities, please contact our team below.

Rebecca Spayne picture 2025

Rebecca Spayne

Managing
EDITOR

Georgina Turner image

Georgina Turner

Sales
Manager

Afua Akoto image - Security Buyer

Afua Akoto

Marketing Manager

Read the Latest Issue

Follow us on X

Follow us on X

Click Here

Follow us on LinkedIn

Follow us on LinkedIn

Click Here

Advertise here

Reach decision makers and amplify your marketing

Advertise here

Click Here

Related News

New McAfee research reveals 61% of IT professionals have experienced a serious data breach

McAfee research reveals that 61% of IT professionals are struggling to protect their company against data breach.
Candace Worley

New McAfee research reveals 61% of IT professionals have experienced a serious data breach

Integration of Security Solutions and Employee Training Recognized as Top Steps to Reduce Growing Severity of Breaches

Pulse Secure launches Access Now Partner Program to accelerate channel sales and service opportunities

Pulse Secure, the provider of Secure Access solutions, has announced the global launch of their new Access Now Partner Program.
Pulse Secure

Pulse Secure launches Access Now Partner Program to accelerate channel sales and service opportunities

Pulse Secure, the provider of Secure Access solutions, has announced the global launch of their new Access Now Partner Program.

Pulse Secure’s VPN solution earns ‘High Scores’ from IAIT Lab for zero trust-based secure access

Pulse Secure announced that the IAIT Lab has completed an extensive test, resulting in superb findings across its usability.
Pulse Secure

Pulse Secure’s VPN solution earns ‘High Scores’ from IAIT Lab for zero trust-based secure access

Pulse Secure announced that the IAIT Lab has completed an extensive test of Pulse Connect Secure, resulting in superb findings across its usability.

500 million guests affected by Marriott data breach

Marriott International has confirmed a data breach to the Starwood guest reservation database which has seen the details of up to 500 million guests stolen.

The human factor: why behaviour is the weak link in cybersecurity

The news of serious data breaches is becoming an almost daily occurrence, to the point that many companies view it as an inevitability.
Scroll to Top