Despite high-profile leaks and the attention given to the insider threat, many organizations still fail to even see that they have an insider threat problem. Ajit Sancheti, CEO of Preempt, discusses what's needed to improve insider threat detection.
It all starts with trust, Sancheti says. And sometimes, frankly, we trust our employees too much.
"Employees have access to a lot of resources that they may or may not need," he says. "And what happens is: If someone goes rogue, or someone decides to build a second stream of income, it becomes very hard to know when they've gone rogue because almost all of the activity seems normal on the inside of the network. What enterprises are trying to figure out is 'How do you determine when someone becomes malicious?'"
When it comes to improving detection, employee training will go far," Sancheti says. Teach employees what good security looks like, and they can help you see when those practices are not being followed.
But organizations also need better technical tools to analyze the behavioral data they already are collecting, he says.
"The biggest challenge isn't that you're not collecting the data," he says. "The biggest challenge is making sense and interpreting the data, and machine learning really helps you get there."
In an interview about improving insider threat detection and mitigation Sancheti discusses:
Why malicious insiders continue to evade detection; How to know if your organization has a significant insider problem; The tools and skills needed to improve detection and remediation.Sancheti is CEO and co-founder of Preempt Security and has more than 20 years of experience in IT security and executive leadership. Previously, he co-founded Mu Dynamics (acquired by Spirent Communications) and held various management roles. Before Mu Dynamics, Sancheti was part of the corporate development group at Juniper Networks and an integral member of the team that developed the industry's first intrusion detection and prevention system at OneSecure (acquired by NetScreen). Prior to OneSecure, he spent seven years at Western Digital, holding various engineering and management positions. Sancheti received his M.S. in Engineering from the University of Massachusetts, Amherst, and his MBA from INSEAD, France.