Sep 04, 2013

All About User-Based Risk

This week's Whiteboard Wednesday is a primer on what user-based risk is and why it's important to trust but verify your users as part of an comprehensive security program. Jay Roxe explains in this video why the old perimeter-based concept of security is irrelevant in today's world of cloud apps and mobile devices, especially when the sophistication of social engineering attacks is on the rise.

Read Video Transcript

Hi, I'm Jay Roxe; I work on product management and product marketing here at Rapid7. Today's Whiteboard Wednesday topic is talking about user-based risk. It wasn't that long ago that many of you had carefully fully built castles. You had your firewall, you had your moat, and you didn't really care that much what people were doing inside the castle, because if they were doing something malicious, eventually, the Knights of the Round Table were going to ride them down.

I've got a couple of names that I think you'd all be familiar with. You've got Private Manning, source of the Wikileaks breach, Edward Snowden, source of 4 leaked laptops that's causing the NSA a lot of consternation, and endless other people that are the air of the keyboard and the chair that are the biggest source of risk in the enterprise today. Let's just review a couple of the statistics.

You think you've got this carefully-built firewall, and then 99% of people, if you send them 10 focused phishing emails, are going to click on one of the links. They may not put in their credentials, they may not put in their passwords, but they're going to click on the link, which means this castle starting to crumble. Then you look at the fact that 75% of organizations have some type of Cloud service in use today. How many of you know what information is each of those users is putting out into the Cloud? 80% of organizations have some type of BYOD policy in place, whether or not they're actually monitoring the information that goes out. It doesn't really matter how good your firewall is and how carefully you've built your moat, if the error between the keyboard and chair is opening the side door and letting the attackers in or pushing information out, your carefully-built castle has crumble and is now castle pwn'd.

76% of all network intrusions are due to somebody's credentials being compromised. That was one thing when it was only their credentials to the castle. When it could also be in their credentials to their Cloud service, their mobile device, or anything that's coming down the road, the game has fundamentally changed. It's no longer about monitoring traffic between assets within your firewall; you have to look at monitoring your users across on-premise, Cloud, and mobile environments, which will give a strong indication of not only what's happening, give you insight into the environment, it will help you address the risks associated with somebody's credentials having been compromised.

Thanks very much all of you for listening out there in TV land. We'll see you next week on Whiteboard Wednesday.

New Product - ControlsInsight

Assess, harden, and monitor your security controls with ControlsInsight

Download Now