Some of the recent high-profile breaches have highlighted that organizations don’t discover a breach until long after it occurs, and furthermore, they rarely have accurate knowledge of the extent of the breach. These incidents have a devastating impact on many facets of an organization, including financially – to the tune of an estimated $400 million, industry-wide, according to the 2015 Verizon DBIR.
Organizations have to face the new reality that it is not a matter of if they will be breached, but when they will be breached. Attackers are already inside – either rightfully as an employee or contractor, or through legitimate but compromised credentials as an outside hacker. Their presence on a network wouldn’t necessarily look suspicious to IT, but their activity would likely appear anomalous. Still, users’ behavior on many internal systems is rarely monitored or analyzed. The DBIR supports this claim, stating, “the common denominator across the top four [incident classification] patterns —accounting for nearly 90% of all incidents — is people. Whether it’s goofing up, getting infected, behaving badly, or losing stuff, most incidents fall in the PEBKAC and ID-10T über-patter
- Organizations face data breaches every day
- Attackers are already inside - employee or outside hacker
- Session will cover stages of an inside-out incident
About Greg Gurevich
Greg Gurevich is a Supervising Systems Engineer for Varonis Systems, a leader in unstructured data protection and management, as well as secure mobile collaboration. Over the last 15 years, Greg has been involved with global deployments of Enterprise Management Frameworks, Storage Consolidation and Disaster Recovery solutions.
During the last 5 years, Greg has functioned as an ally to Varonis, working to assist many aiming to protect and manage large unstructured volumes of data.
