Security Market Segment LS
Thursday, 06 August 2015 15:03

The threat from within - stupidity, bribery, coercion or revenge


For the most part enterprise security has been about anti-virus, firewalls, spam and phishing filters all defending the perimeter. All that is necessary but it is not enough especially in where data security is mandated.

LogRhythm, an independent security intelligence company that unifies next-generation Security information and event management (SIEM), log management, network and endpoint monitoring and forensics, and advanced security analytics says that the majority of compromises are now from employees who are coerced, intimidated or bribed to open up security holes or steal data.

It has released the findings of an Australian workplace security study conducted by Galaxy Research of 1003 employees and managers from mid-large Australian companies. Not surprisingly 31% reported at least one recent ‘security event‘ at their workplace.

33% of employees and 43% of managers said that confidential company information is susceptible to being stolen or accessed by unauthorised people. 72% of workers believe the greatest threat to data security is employee related due to them downloading infected files or malware, or simply not thinking about security. And 16% admitted to accessing documents that they shouldn’t really be looking at.

With the growing practice ‘Bring your own device’ and of telecommuting organisations are facing additional risks: 45% of workers and 68% of managers have checked work email while at home. 22% of workers transfer confidential information, even if it is to be used for legitimate work purposes at home, to a personal computer, laptop or USB stick.

I spoke to Simon Howe, LogRhythm’s ANZ Sales Director to get some further insight into just what the company does and how that differs from traditional perimeter protection.

“Companies still need traditional perimeter protection. LogRhythm is an intelligent overlay that analyses in real-time what is going on based on the logs and data from firewalls, active directory, anti-virus, networks and so much more and puts this in an understandable and actionable format. It provides the visibility for threats as they happen. The threat of today is more sophisticated. It may look like an errant login, a bulk copying of data, or unusual employee behaviour. It is only when you overlay a SIEM system over all these disparate data sources can you see what is happening – the mean time to detect is very much shortened,” he said.

“LogRhythm views cybersecurity education as one of its primary drivers. Raising awareness of cybercrime and the dangers to corporations, their employees and customers is crucial to building a culture that always has data security front of mind. This then flows into equipping individuals with the right tools to help them tackle the threat of costly and disruptive cybercrime,” he added.

“The biggest threat today is not from nation states (they can hack in if they want to) but from compromised employees. An innocent – or not so innocent click on a malware link, a stray USB drive containing a malware downloader being used, or covert espionage all happen,” he said.

LogRhythm’s Top Tips for a Security Conscious Workplace:

  • Understand how employees are accessing their work files and build a security solution that will enable them to do their work and not compromise your system.
  • More than 60 percent of cyber-attacks originate from breach of credentials. Remember to tell your employees to store them in a secure location!
  • Employees are great assets to a company but internal breaches are one of the hardest threats to mitigate. Organisations need a solution that will enable them to reduce the mean time to detect such threats and respond before material damage is done.
Read 2623 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


Thoughtworks presents XConf Australia, back in-person in three cities, bringing together people who care deeply about software and its impact on the world.

In its fifth year, XConf is our annual technology event created by technologists for technologists.

Participate in a robust agenda of talks as local thought leaders and Thoughtworks technologists share first-hand experiences and exchange new ways to empower teams, deliver quality software and drive innovation for responsible tech.

Explore how at Thoughtworks, we are making tech better, together.

Tickets are now available and all proceeds will be donated to Indigitek, a not-for-profit organisation that aims to create technology employment pathways for First Nations Peoples.

Click the button below to register and get your ticket for the Melbourne, Sydney or Brisbane event



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News