PandaLabs Reveals the Cybersecurity Trends in Store for 2018 - Panda Security Webinar

Only with full visibility into employee or third-party activity across a company network can even the earliest indicators of an insider threat be detected. By monitoring both user and file activity, security and compliance professionals can be alerted to risky, out-of-policy activities and any unexplained changes in user behavior in real-time; successfully stopping and investigating any activity before it becomes a full-blown breach. Research from The Ponemon Institute shows that Financial Services organizations face the highest penalty costs of any other industry ($12.05 million annually) when they experience an insider-led incident, though they are closely followed by the Energy & Utilities and Retail sector. This cost alone is a very concrete reason to address what otherwise might seem to be an invisible problem.

One of the most-heard complaints from security experts is that often they find their work repetitive ("The CFO's laptop has been compromised... again!"), which results in the desire of trying something "new", meaning "leave for another company." Another common complaint is that the work is very compartmentalized, and there are few occasions in which the various security specialists can enjoy working as a team. One activity that can help build a team while improving the security skills of the people involved is participating in Capture the Flag (CTF) hacking competitions. In 2003 at the University of California at Santa Barbara, one of the world's largest attack-defense CTF competitions began and has grown year-after-year, pushing the limits of the players and providing opportunities for better learning. In addition, hacking competitions are a great opportunity for recruiting new talent: CTF participants are highly skilled, well-motivated, and hard-working, which are great traits for a future employee.

Unfortunately, most businesses are making the fundamental mistake when it comes to authentication and are thinking inside-out, but by thinking outside-in, they would automatically put the Customer first. Until now, strong (and not so strong) authentication to services seems to have been driven by an inside-out way of thinking. The institutions think about what works best for them: what fits into their infrastructure; what is the cheapest yet compliant approach? For customers, this means that they must use what their service provider offers to them. Companies must also be aware of insider risks and by implementing a Zero Trust approach of ‘never trust, always verify’, they can better secure the access to their assets. In this KuppingerCole webinar, we will address the following.

Security organizations are overworked and constrained. As more systems and users come online, it becomes more difficult to manage alerts and administer access to sometimes hundreds of applications for thousands of employees.