Photo - Alex Lim, Regional Sales Director SEA, Forcepoint
Texas-based cyber security solutions company Forcepoint has launched its SureView Insider Threat (SureView) solution in Malaysia to help companies prevent data theft and loss from hijacked systems, rogue insiders, stolen credentials and negligent end users.
Forcepoint's regional sales director SEA, Alex Lim, said that SureView will allow security professionals to see early warning signs of abnormal behaviours, capture a video record of desktop activity and intervene before sensitive data gets breached or stolen.
Lim said SureView made it possible for companies to identify potentially risky activity across and within their enterprises.
He said that for almost 10 years, the technology within SureView has been helping U.S.-based enterprises and government agencies to detect and respond to insider threats. When Forcepoint was launched, the core technology was transferred to Forcepoint from Raytheon.
Lim said that negligence by ordinary employees was the number one cause of insider threats, and whether malicious, accidental or hijacked, threats inside the network can be far more harmful than outside attackers.
On average, external cyber criminals can operate undetected for 170 days, but insiders escape detection for 259 days. Because insiders have more time to operate and better insight to where valuable data is stored, they cause far more damage per incident: the 10 percent of total incidents attributed to insiders are responsible for more than half of stolen data.
On average, a data breach costs an enterprise US$3.8 million, yet despite the greater risk posed by insiders, the majority of security spending remains focused on external threats.
Insiders do more damage
"Insiders do more damage and go undetected longer than external threats. Until now, global enterprises haven't had an effective tool to protect against threats from within. Forcepoint is redefining what it means to secure an organisation, by thinking more in terms of 'inside-out' rather than 'outside-in,' said Matt Moynahan, Forcepoint chief executive officer. "SureView Insider Threat is the tool global enterprises have been waiting for."
The SureView Insider Threat solution uses an objective, rigorous process of verification that captures all relevant data while respecting user privacy, Moynahan said, adding that SureView identified risk by baselining 'normal' user behaviour. The technology will then detect deviations from the norm, such as a change in data access, working hours, email activity or copying files from network to desktop.
SureView can also spot deviations in activity at the endpoint which may indicate a different person using stolen credentials or a system hijacked by malware. These risk indicators serve as warning signs that may be investigated further.
Forcepoint includes DVR-like video capture and playback of end user desktop activity for both Windows and Mac OS endpoints. SureView Insider Threat works in integration with Forcepoint's Data Loss Prevention (DLP) solution.
"When Forcepoint launched, one of the key goals was to find ways to deliver Raytheon technology to commercial enterprises," said Moynahan. "By developing an internationally available version of SureView, we're bringing that vision to life."
Sign up for Computerworld eNewsletters.