Traditional security solutions, such as intrusion detection, firewalls, and antivirus are focused on monitoring and trying to preventing external threats to organization. However, insider threats are most likely to be initiated by an employee, contractor, vendor or from malware that infects the network in a dormant state. Almost all businesses today have been comprised in some way by an insider threat; however most businesses do not know they have been infected.
These types of insider threats are most likely to go undetected for long periods of time, as they move laterally across IT systems. These hidden post-infection, pre-breach behaviors include staging, reconnaissance, propagation, obfuscation, data acquisition, and ultimately, the exfiltration or loss of data are conducting activities intended to cause harm to the business.
This harm can be anything from stealing money, trade secrets, shutting down the network, or hold the network captive for ransom. The costs of a data breach (loss of sensitive data from a company) can be life threatening – in some situations even lead to bankruptcy.
Summit has been in the cybersecurity field since 1999 and we have taken a pro-active and aggressive approach to help our clients. We are working with leading edge solutions that are designed to identify, mitigate and remediate the risks associated with insider threats by utilizing behavior based analytics tools that monitor for insider threats at the application level and the network level. Our objective is to identify and block the threat before there is a data breach. Summit offers several solutions to prevent and stop cyber-attacks; from annual Penetration and Vulnerability testing to ongoing (24/7/365) continuous monitoring.