Vendors
日本語
search
  2. //
  3. Reports & insights
  4. //
  5. Insider for Sale

Insider for Sale

Website
Create a vendor selection project
Click to express your interest in this report
Indication of coverage against your requirements
A subscription is required to activate this feature. Contact us for more info.
Celent have reviewed this profile and believe it to be accurate.
We are waiting for the vendor to publish their solution profile. Contact us or request the RFX.
Projects allow you to export Registered Vendor details and survey responses for analysis outside of Marsh CND. Please refer to the Marsh CND User Guide for detailed instructions.
Download Registered Vendor Survey responses as PDF
Contact vendor directly with specific questions (ie. pricing, capacity, etc)
4 December 2017
Joan McGowan

Bank Insider for Sale

Bank employees are the industry’s weakest security point and banks continue to do a poor job of mitigating insider threats. My latest Celent report, Bank Insider for Sale: Analytic Approaches to Deter Bank Insider Threats recommends that banks deploy more advanced analytic techniques to combat the damage caused by insider crime.

Typically, banks use surveillance and monitoring tools to observe and record their employee activities in order to detect malicious activities. The drawback of these tools is that they only monitor single-transaction log data, such as sent email rates, website visits, data exfiltration, or changes in network permissions. They do not connect the lateral and forward activities or the “low and slow” approach of an insider attack and, more critically, they do not pick up on changes in personal behavior that may indicate an attack is about to happen.

Banks have plenty of time to detect and prevent an insider attack but they do not take advantage of the time lapse. On average, over five years elapse between an employee’s hiring and the identified start of the attack, and it takes an average of almost 32 months to be detected by the organization. Banks’ efforts remain focused on catching the culprit after the crime is committed.

If banks combine nontechnical methods, education, and user activity surveillance with more advanced personal analysis techniques, they have a better chance of spotting attributes that indicate the ideation and planning of an attack.

The figure shows examples of personal behavior indicators of an insider that is about to commit a financial fraud against the bank.

Insider threats are complex, destructive, and daring and there are serious consequences to ignoring the problem. The report concludes that an effective insider threat program is built upon a comprehensive ontology of insider threats analytic indicators that are derived from user activity and personal behavioral attributes analysis. Using this analysis, banks can put in place powerful technical and nontechnical controls and detection methods that will significantly improve their ability to mitigate insider threats.

Comments