To mitigate the threat posed by malicious insiders or attackers who compromise real users' credentials, businesses must create a baseline of legitimate user behavior and activities, then monitor for any unusual behavior.
So says Idan Tendler, CEO of information security firm Fortscale, which taps data from numerous sources - system logs, network devices, IP address checks, email contents, as well as third party research and threat-intelligence feeds - to help create and monitor a baseline of "normal" user behavior, and sound alarms when that behavior deviates from what's expected.
In an interview at the RSA Conference 2015 - where Fortscale was one of 10 firms selected to compete in the annual RSA Innovation Sandbox contest - Tendler details:
- How user behavioral analytics can be applied to better mitigate insider threats;
- Fortscale's finding that 82 percent of external attacks that target an enterprise employ valid user credentials;
- Lessons learned from the leaks by former National Security Agency contractor Edward Snowden.
Idan Tendler is CEO and co-founder of startup firm Fortscale, based in San Francisco. He was formerly head of the cyber group at Elbit Systems, an Israel-based international defense electronics company, business development manager for water and wastewater treatment startup Aqwise, and business analysis manager for Israel-based investment group Elron. He also served as a captain in the Israeli Defense Force's Technological Intelligence Unit.