CSO 50 2017

A step ahead – This year’s CSO50 winners are designing security to stay in front of modern threats

SallieMae

Reducing Insider Threats with Risk Analytics

Some 69 percent of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders during the last 12 months, according to Accenture.

At student loan company Sallie Mae, insider threats have been amplified by increasing employee turnover and more contract-based positions. To combat the problem, Sallie Mae adopted a new approach that combines machine learning, analytics and predictive anomaly detection to user behavior and access privileges that can detect and protect against insider threats, as well as external attacks that use compromised insider credentials.

Sallie Mae deployed a user and entity behavior analytics (UEBA) platform from Gurucul. The technology first identified outlier access, orphan and dormant accounts. Next, it was used to monitor user activity to identify anomalous behavior in both on-premises IT resources and in cloud environments. If a user downloads a confidential document under abnormal circumstances, for instance, investigators can search all other users who also accessed it to uncover events which might involve multiple actors. Excess and misaligned access to data has been reduced by up to 40 percent.

For full article: http://core0.staticworld.net/assets/2017/04/26/cso50_2017.pdf

Previous
Next