© 2012 IBM Corporation
IBM Security Systems
© 2015 IBM Corporation
IBM X-Force:
Insights from the 2Q 2015 X-Force
Threat Intelligence Quarterly
IBM X-Force® Research and Development
Expert analysis and data sharing on the global threat landscape
• Vulnerability Protection
• IP Reputation
• Anti-Spam
• Malware Analysis
• Web Application Control
• URL / Web Filtering
• Zero-day Research
The IBM X-Force Mission
• Monitor and evaluate the rapidly changing threat landscape
• Research new attack techniques and develop protection for tomorrow’s security challenges
• Educate our customers and the general public
• Integrate and distribute Threat Protection and Intelligence to make IBM solutions smarter
IBM X-Force monitors and analyzes the changing threat landscape
• 20,000+ devices under contract
• 15B+ events managed per day
• 133 monitored countries (MSS)
• 3,000+ security related patents
• 270M+ endpoints reporting malware
• 25B+ analyzed web pages and images
• 12M+ spam and phishing attacks daily
• 89K+ documented vulnerabilities
• 860K+ malicious IP addresses
• Millions of unique malware samples
83% of CISOs say that the challenge posed by external threats has increased in the last three years
Near Daily Leaks of Sensitive Data
40% increase in reported data breaches and incidents
Relentless Use of Multiple Methods
800,000,000+ records were leaked, while the future shows no sign of change
“Insane” Amounts of Records Breached
42% of CISOs claim the risk from external threats increased dramatically from prior years.
Source: IBM X-Force Threat Intelligence Quarterly – 1Q 2015 and 2014 IBM Chief Information Security Officer Assessment
According to Ponemon Institute, the cost of these breaches is on the rise
[Chart: cost per record* of $136, $145 and $154 over three years. Net change over 1 year = 6%; net change over 2 years = 12%.]
• Cost per record*: $154, a 12% global average increase over two years
• Cost per incident*: $3.8M, a 23% global average increase over two years
Source: Ponemon Institute Cost of Data Breach Study
Recent data from IBM Security Services shows 55% of all attacks were found to be carried out by malicious insiders or inadvertent actors
Source: IBM 2015 Cyber Security Intelligence Index, Figure 4
New classifications of Insider Threats
Traditionally, “insider threats” meant disgruntled or negligent employees were inflicting harm to the company’s assets; today many different classifications have come forward
• Disgruntled employees
• Malicious insiders
• Inadvertent insiders
• Quasi-insiders
Modern trends in enterprise computing increase the attack surface of people with trusted access
Trends: Social Media, Big data, Mobility, Cloud
Attack Vectors:
• Trusted users with privileged access to systems housing critical business, PII and monetary assets
• The digital connectivity of IoT opens up new entry points into physical systems.
• Third party contractors or suppliers can widen the attack surface
• Inadvertent insiders can merely click a malicious link
Spam origination efforts have become so distributed that not one country exceeds 8% of the total volume for very long.
Source: IBM X-Force Threat Intelligence Quarterly, 2Q 2015
Any insider, even those with the best of intentions, can inadvertently aid in an attack by clicking on a malicious link sent in a phishing email.
Source: IBM X-Force Threat Intelligence Quarterly, 2Q 2015
Network administrators can take a few basic steps to fend off malicious spam attachments
• Keep your spam and virus filters up to date.
• Block executable attachments. In regular business environments it is unusual to send executable attachments. Most spam filters can be configured to block executable files even when they are within zip attachments.
• Use mail client software that allows disabling automatic rendering of attachments and graphics, and preloading of links—and then disable them.
• Educate users on potential danger of spam, and actions to take
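One way to apply the "block executable files even when they are within zip attachments" step, as an added example that is not part of the IBM deck. The block list, size and depth limits, function names and the sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumed block list for illustration; adjust it to your own mail policy.
BLOCKED = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".jar", ".msi"}
MAX_DEPTH = 3                    # stop unpacking archives nested deeper than this
MAX_NESTED_SIZE = 20 * 1024**2   # do not inflate nested archives larger than this


def is_blocked_name(name):
    # Windows ignores trailing dots and spaces, so strip them before comparing.
    base = name.replace("\\", "/").rsplit("/", 1)[-1].rstrip(". ").lower()
    return "." in base and "." + base.rsplit(".", 1)[1] in BLOCKED


def scan_zip(data, path, depth, findings):
    """Record blocked members of an in-memory zip, following nested zips."""
    if depth > MAX_DEPTH:
        findings.append((path, "archive nesting too deep"))
        return
    try:
        archive = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        findings.append((path, "unreadable archive"))
        return
    with archive:
        for info in archive.infolist():
            member = f"{path}!{info.filename}"
            if is_blocked_name(info.filename):
                findings.append((member, "executable file type"))
            elif not info.filename.lower().endswith(".zip"):
                continue
            elif info.flag_bits & 0x1:  # bit 0 set means the member is encrypted
                findings.append((member, "encrypted nested archive"))
            elif info.file_size > MAX_NESTED_SIZE:
                findings.append((member, "nested archive too large"))
            else:
                scan_zip(archive.read(info), member, depth + 1, findings)


def blocked_attachments(raw_message):
    """Return (path, reason) pairs for parts a filter should block."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename() or "(unnamed part)"
        payload = part.get_payload(decode=True) or b""
        if is_blocked_name(name):
            findings.append((name, "executable file type"))
        elif zipfile.is_zipfile(io.BytesIO(payload)):  # judge by content, not by name
            scan_zip(payload, name, 1, findings)
    return findings


def build_sample():
    """Constructed sample message: a zip attachment holding a nested zip."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("scan_0042.pdf.scr", b"placeholder bytes, not a real program")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", b"see attached")
        z.writestr("docs/archive.zip", inner.getvalue())
        z.writestr("Invoice.EXE.", b"placeholder bytes, not a real program")
    msg = EmailMessage()
    msg["Subject"] = "Fax received"
    msg.set_content("Your fax is attached.")
    msg.add_attachment(outer.getvalue(), maintype="application", subtype="zip", filename="fax.zip")
    msg.add_attachment(b"a,b\n1,2\n", maintype="text", subtype="csv", filename="report.csv")
    return msg.as_bytes()
```

Archives are detected by content rather than file name, so a renamed zip is still unpacked, and anything the scanner cannot inspect (encrypted, oversized or deeply nested archives) is reported instead of being passed through.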
User education on spam should focus on skepticism and common sense
Before opening emails, clicking on links or opening the attachment, users should ask some simple questions:
• Do I know the sender?
• Did I expect this email and this attachment?
• Does it make sense that the attachment is zipped, and is the format appropriate for this type of message and attachment type?
• Which file type is in the zip file? Executable, screensavers, and unknown file types are more likely to host malicious code.
Spammers use social engineering to mask malicious links, making emails mimic standard messages from:
• eCommerce sites
• Banks or Financial Institutions
• Corporate internal systems such as fax and copy machines
People can be the weakest link in securing valuable data
Privileged IDs are growing, so control the associated risk
Several trends are escalating the numbers of privileged IDs within organizations:
1. Administrative tasks are assigned to a large pool of staff or contractors with frequent changes.
2. Some employees such as developers need occasional or one-time privileged access to specific resources to perform maintenance tasks.
Creating shared IDs circumvents the need to continually add and delete accounts as users come and go, but is a bad practice.
1. Destroys user accountability
2. Can interfere with regulatory compliance
Grant user entitlements appropriately and keep them updated
1. Authorize users based on the least access privilege they require
2. Conduct regular audits of user entitlements
User entitlements should be updated to adapt to changes, especially when workers change roles or leave the organization.
Manage and monitor users for both security and compliance
• Monitor and audit IDs to highlight anomalies or misuse of account privileges
• Application monitoring with application-layer network visibility
• Use strong authentication that relies on sound policy for identity assurance.
Physical security is just as important as digital monitoring
Maintaining a rigorous security posture that considers not just digital but also physical security is key to protect against insider threats.
Applying a broad range of security practices can help minimize insider threats
• Address gaps in physical security
• Set mail and spam settings to minimize damage from malicious spam and attachments
• Educate users on potential danger of spam, and actions to take
• Use identity governance solutions to help classify users by roles and access requirements
• Grant user entitlements appropriately and keep them updated
• Manage and monitor users for both security and compliance.
Connect with IBM X-Force Research & Development
Find more on SecurityIntelligence.com
• IBM X-Force Threat Intelligence Quarterly and other research reports: http://www.ibm.com/security/xforce/
• Twitter: @ibmsecurity and @ibmxforce
• IBM X-Force Security Insights Blog: www.SecurityIntelligence.com/topics/x-force
• Watch SecurityIntelligence.com/Events for the registration for a July 23 webinar with X-Force researcher Robert Freeman!
www.ibm.com/security
© Copyright IBM Corporation 2013. All rights reserved. The information contained in these materials is provided for informational purposes
only, and is provided AS IS without warranty of any kind, express or implied. IBM shall not be responsible for any damages arising out of the use
of, or otherwise related to, these materials. Nothing contained in these materials is intended to, nor shall have the effect of, creating any
warranties or representations from IBM or its suppliers or licensors, or altering the terms and conditions of the applicable license agreement
governing the use of IBM software. References in these materials to IBM products, programs, or services do not imply that they will be available in
all countries in which IBM operates. Product release dates and/or capabilities referenced in these materials may change at any time at IBM’s sole
discretion based on market opportunities or other factors, and are not intended to be a commitment to future product or feature availability in any
way. IBM, the IBM logo, and other IBM products and services are trademarks of the International Business Machines Corporation, in the United
States, other countries or both. Other company, product, or service names may be trademarks or service marks of others.
Statement of Good Security Practices: IT system security involves protecting systems and information through prevention, detection and response
to improper access from within and outside your enterprise. Improper access can result in information being altered, destroyed or misappropriated
or can result in damage to or misuse of your systems, including to attack others. No IT system or product should be considered completely secure
and no single product or security measure can be completely effective in preventing improper access. IBM systems and products are designed to
be part of a comprehensive security approach, which will necessarily involve additional operational procedures, and may require other systems,
products or services to be most effective. IBM DOES NOT WARRANT THAT SYSTEMS AND PRODUCTS ARE IMMUNE FROM THE
MALICIOUS OR ILLEGAL CONDUCT OF ANY PARTY.

IBM X-Force Threat Intelligence: Why Insider Threats Challenge Critical Business Processes
