IDC Opinion

written by:

DUNCAN BROWN

RESEARCH DIRECTOR European Security Practice

IDC recommendations for enterprises

1

Organisations must accept that breaches are, indeed, inevitable. Accepting this is not to take a negative stance, but to accept the reality of today's dynamic threat landscape.

2

Our research shows that the primary impediment to detecting hapless user behavior is not knowing what that behavior looks like. At face value a hijacked user looks just like any other user: they have valid credentials, and that is more-or-less all the checking that is done.

3

Whether it’s an insider or a hapless user the outcome is the same (a potential breach) so organizations must focus on all user activity. Real-time analytics of user behavior can detect activity that unintentionally exposes the organization to increased risk, and this can be stopped before real damage is done.

4

Importantly, stopping an action as it happens is an extremely effective way of educating the user community: behavioral analytics stops users from being hapless and teaches them behaviors that exemplify good security practice

Comment on Duncan's Article