Bangalore: Some of the recent Aadhaar card data leak incidents in Jharkhand, Chandigarh and other Indian states has one common trait and that is human element. Humans continues to remain at the centre of such data breaches and other cyberattacks that occurs globally whether they are caused to any human error, negligence or intentionally.
And from security perspective of organisations and enterprises, experts say that behaviour of users or employees is a very important aspect. Because in such situations the security officers (CISOs and CIOs) are more than often looking at external threats and not internally to trace out the source and links to those incidents.
In fact, Forcepoint, formerly known as Websense and Raytheon|Websense, an Austin-based security company has been trying to addressing this critical issue with a security technology built around the concept of the human point.
The human point concept basically looks into an intersection of user behaviour, their intent and critical business data in organisations. It is trying to deal with scenarios where users through technology are able to access critical data, IP and information however also continues to remain highly vulnerable in terms of security.
Today people or users are not just dealing with emails, critical business data but range of other things including computing devices, cloud based business applications as well as third party apps. This in a way increases the scope of vulnerabilities and threat landscape for organisations led by their employees or users.
“Behaviour of users is very important for security within any organisations. The human point technology is very important for identifying and detecting advance threats within the organisations,” said Nicholas Fischbach, Cloud CTO - Forcepoint Global.
“Users are very critical for security of organisation. Since they are insiders they are most trusted but they can cause more damage,” added Surendra Singh, Country Director - Forcepoint.
Forcepoint’s human point technology claims to detect and identify human behaviour of attackers and threats that are emerging from inside the organisation.
“There’s been a shift in security to DLP (Data Loss Prevention) and next trend is cloud access security. CIOs and CISOs need to balance out application agility, security and user behaviours keeping an eye on data that’s goes beyond the realms of perimeter security in organisations,” noted Fischbach.
In doing so, Fischbach emphasized on the evolving partnership between the CIOs and CISOs that would provide service agility as well as smooth security without constraints – both at the same time.
Interestingly, a global Information Security Forum report has revealed the majority of disastrous breaches came from accidental or inadvertent behaviours by good employees, with no intention of harming their organization.
In fact, 80 percent of companies according to the data say understanding behaviours are very or extremely important while 78 percent say understanding intent is very important or extremely important. Yet companies lack the ability to control and respond to threats and security related incidents.
So certainly, organisations need to keep a close watch and check on the behaviour patterns of their employees not just those disgruntled or bad but even good ones, which may accidentally leak of critical data or information.