IBM launches 10 security products to combat insider threats
Insider threats are increasingly endangering enterprise assets, according to the latest data from the Economist Intelligence Unit (EIU) and Kroll Advisory Solutions.
More than two-thirds of corporate fraud is committed by insiders, according to a survey of 800 senior executives conducted by the EIU for Kroll. That number is up from 60 percent last year and 55 percent in 2010.
Where the fraud involves data theft, 35 percent of the time employees are to blame, more than twice the rate of theft by external hackers, the survey found.
The Kroll data is back up by IBM's 2012 Global Reputational Risk and IT Survey of 400 senior executives, which identified IT risks ranging from data thieves to the use of emerging technologies including cloud, mobile and social media as a major cause of concern.
IBM said its new security products help companies maintain security control over mobile devices, mitigate internal and external threats, reduce security risks in cloud environments, expand database security to gain insights into big data environments and automate compliance and data security management.
"Five years ago, security was perimeter based. The bad guys were outside, the good guys were inside. Today, we have seen that perimeter start to degrade," Kevin Skapinetz, program director of product strategy at IBM Security Systems, told FierceEnterpriseCommunications.
"With the perimeter starting to diminish, we want to start putting more control and tracking around individuals and the key data and systems that they are accessing. So we are targeting the 'privileged user': those individuals are critical internally because they do have access to the most data, applications and assets of the organizations," Skapinetz added.
"How do we control them? What access do they have? Can we get detailed reports about them? Can we watch their general behavior and activities? These things will give you more insight than a general policy," he said.
One of the products launched on Thursday is the IBM Security Privileged Identity Manager, which is designed to address the growing insider threat and help demonstrate compliance across the organization.
Using the platform, enterprises can safeguard their cloud-based privileged accounts with a single access management product designed for privileged users and administrators, helping organizations defend against insider threats and security breaches, IBM explained. The platform centralizes management of privileged and shared IDs, automates password management and validates access privileges.
To address the growing insider threat, enterprise security vendors will need to step up their game and provide IT administrators with the ability to safeguard company secrets and track bad actors.