Connect with us
SIS

Industry News

5 Best Practices to Prevent Insider Threats in 2019

George Miller

Published

on

5 Best Practices to Prevent Insider Threats in 2019
Image Source: gcc.com.cy
Reading Time: 4 minutes

 

Data breaches caused by insiders cost enterprises millions of dollars. According to the Ponemon Institute, every year, companies lose up to $8.7 million due to insider threats. To ensure an appropriate level of enterprise data protection, security officers continuously look for ways to improve their current insider threat management solution. With the following insider threat management best practices, you’ll be able to protect your sensitive business information and keep malicious insiders at bay.

1. Consider access controls

It’s essential to keep your critical assets inaccessible for malicious insiders. First and foremost, deploy multi-factor authentication (MFA) for the most valuable systems, applications, and services. Your goal is to make sure that any malicious insider won’t be able to borrow a password from their colleagues and get a hold of the data they aren’t supposed to have access to. Therefore, you need to look for an insider threat management solution with a built-in MFA functionality.

By implementing MFA, you can make sure that the person attempting to enter the protected perimeter are who they claim to be. At the same time, the use of MFA makes it way harder for malicious insiders to access your company’s sensitive information.

It’s also important to have a good password management policy in place. The most basic recommendations include forbidding the use of default and simple passwords and changing passwords upon certain events (say, employee resignation) or after some periods of time (say, every month or every quarter).

2. Limit access whenever possible

Once you managed to make sure that only the right people can get access to your network and critical assets within it, it’s time to think about the access permissions each of your company’s employees has. It’s best to take some technical measures to mitigate insider threats and deploy the so-called least privilege principle when employees only have the exact access level they need to do their job.

But today, more and more companies go even further and deploy a zero trust security model. In a zero trust network, there’s no general protected perimeter that distinguishes trusted insiders from untrusted outsiders. Instead, each critical asset or system is fully protected from both insiders and outsiders, thus mitigating internal and external threats to cyber security.

Such an approach works best for the companies that cooperate actively with third-party vendors and subcontractors. It’s also a great solution for the enterprises with a bring your own device (BYOD) policy in place, allowing their employees to use personal devices for work purposes.

3. Monitor employee activity

User activity monitoring is the basis of many insider threat protection techniques. You need to be able to see what’s going on within your network, in real-time at best. When choosing among the solutions to protect against insider threats in cybersecurity, pick the one that allows to see a particular user session and terminate it if necessary.

Many companies also look towards User and entity behavior analytics (UEBA) as the key to effective threat monitoring and protection against insider threats. Advances in machine learning technologies allow building user profiles that include normal baseline behavior patterns for particular users or roles. Registering activities that deviate from these patterns may help detect malicious insiders and mitigate possible threats at an early stage.

4. Analyze logs and respond to security incidents

Continuous user activity monitoring is meant to give you full visibility across the enterprise network and provide you with detailed data for further analysis. Depending on the user monitoring solution, user activity logs may contain different types of information:

Names of files and applications opened by the user:

  • URLs to the visited websites;
  • Logged keystrokes;
  • Recorded sessions, and more.

The proactive incident response also plays a significant part in building an effective insider threat cyber security program. There’s no point in detecting a malicious action if you’re unable to respond to it properly and, therefore, prevent a data breach from happening.

Look for an insider threat prevention solution that allows you both receiving real-time notifications about the detected security incidents and automating responses to the most common types of incidents. For instance, if the system registers, say, three unsuccessful login attempts, the account a user tried to access will be blocked.

Finally, if you want to be able to analyze all of the logged information on a deeper level, make sure that your insider threat prevention solution supports forensic data export.

5. Pay special attention to third-parties

Remote access control and protection is an essential part of the modern insider threat management program. Today, more and more organizations hire remote employees and grant access to critical corporate resources to third-party vendors and contractors. But, as reported in a 2018 study by the Ponemon Institute, third-party vendors were the cause of nearly 60 percent data breaches.

If granting third-party vendors access to business-critical data, systems, and application is a common practice for your organization, make sure you have an appropriate third-party management solution in place. Leverage all of the above-mentioned tools and practices to protect your corporate data from unauthorized access and use.

If your third-party subcontractors are using a shared account for accessing your corporate network or business applications, it’s preferable to add secondary authorization as an additional protection layer. This way, you’ll be able to clearly associate each session initiated under the shared account with a particular user.

And, finally, make sure that your third-parties are well aware of your organization’s cybersecurity policy and know what cybersecurity rules they must follow.

Conclusion

Insider threats have one of the biggest impacts on enterprise cybersecurity. In order to mitigate the risks related to insider threats, organizations should deploy complex solutions that include monitoring and audit of user activity, granular access and privilege management, and effective incident response.

 

This article is a contribution from Marcell Gogan.  Marcell is a specialist within digital security solutions, business design and development, virtualization and cloud computing, R&D projects, establishment and management of software research direction – working with Ekran System. He also loves writing about data management and cybersecurity. 

George Miller started his career in content marketing and has started working as an Editor/Content Manager for our company in 2016. George has acquired many experiences when it comes to interviews and newsworthy content becoming Head of Content in 2017. He is responsible for the news being shared on multiple websites that are part of the European Gaming Media Network.

Continue Reading
Advertisement
Comments

Industry News

Codere Appoints Luis Sánchez Serrano as Corporate Director of Technology and Digitalisation

Niji Narayan

Published

on

Codere Appoints Luis Sánchez Serrano as Corporate Director of Technology and Digitalisation
Photo Source: 1businessworld.com
Reading Time: 1 minute

 

Gambling group Codere has appointed Luis Sánchez Serrano as the Corporate Director of Technology and Digitalisation. Luis Sánchez will report directly to the Group’s general director, Vicente Di Loreto.

Luis Sánchez has more than 23 years of experience, mainly in the banking industry, in companies such as Liberbank, Bankinter, Banco Espirito Santo, has proven capabilities in the design and implementation of transformation projects, innovation and digitalisation of organisations , as well as a broad strategic and transversal vision of the main processes and technological solutions of the market.

“This incorporation strengthens our team and consolidates the strategy of change and transformation undertaken in our group to continue fulfilling our commitment to the client and creating value,” Vicente Di Loreto said.

Continue Reading

Industry News

Pollard Banknote Adds GALAGA™ to its Portfolio of Licensed Brands

Niji Narayan

Published

on

Pollard Banknote Adds GALAGA™ to its Portfolio of Licensed Brands
Reading Time: 1 minute

 

Pollard Banknote Limited has added the classic arcade game GALAGA™ to its portfolio of licensed brands. Under an agreement with BANDAI NAMCO Entertainment America Inc., Pollard Banknote will offer GALAGA™ branded instant tickets to its lottery clients. Pollard Banknote’s suite of licensed brands includes several powerhouse arcade games from the early 1980s.

As per the agreement, Pollard Banknote will leverage the GALAGA™ signature logo and colourful pixilated icons for eye-catching ticket designs and promotional merchandise. The ticket artwork will utilise distinctive GALAGA™ imagery to mimic the game’s acclaimed playstyle. GALAGA™ branded merchandise, including full-sized vintage arcade games, will be available to lotteries for social media contests and second chance draws.

“Pollard Banknote’s retro arcade brands have captivated lottery players around the globe, and we are confident that GALAGA™ will give players more of the classic arcade look and feel they love. We look forward to helping lotteries bring GALAGA™ to market, supported by our 360˚ approach to marketing and promotional programs that promote player excitement and engagement,” Brad Thompson, VP of Sales and Marketing at Pollard Banknote said.

Continue Reading

Industry News

Evolution Gaming: Interim report January-June 2019

George Miller

Published

on

Evolution Gaming: Interim report January-June 2019
Reading Time: 3 minutes

 

Evolution released today its Interim Report for January-June 2019.

 

Second quarter of 2019 (Q2 2018)

  • Operating revenues increased by 45% to EUR 85.7 million (59.3)
  • EBITDA increased by 63% to EUR 42.7 million (26.2), corresponding to a margin of 49.8% (44.2)
  • Profit for the period amounted to EUR 34.5 million (20.1)
  • Earnings per share amounted to EUR 0.19 (0.11)

January-June 2019 (1H 2018)

  • Operating revenues increased by 49% to EUR 165.0 million (110.8)
  • EBITDA increased by 63% to EUR 78.6 million (48.1), corresponding to a margin of 47.7% (43.4)
  • Profit for the period amounted to EUR 63.1 million (36.7)
  • Earnings per share amounted to EUR 0.35 (0.20)

Comments from CEO Martin Carlesund:

“Evolution’s strong development continues, and we can report continued high growth and further improved margin in the second quarter. 2019 is a year of product and innovation, and during the period, we have launched all this year’s new games. The response has been instant, and we are overwhelmed by the positive reception among both players and operators. Our aim in the development has been to create games that attract new player types and to expand the Live vertical into new segments, and so far, we are very happy with the outcome. All games, from the new titles within the Game Show category to the dice games, find their audiences and we see a significant increase in the number of players. The new games are not as staff intensive as the traditional table games, which in combination with a generally high efficiency in all studios contribute to the margin development. The extended portfolio also contributes to the revenue growth, but it is important to note that most of our revenues continue to derive from our core games and that the new games are still in an early stage post-launch. However, all new titles contribute to a generally higher interest in Live Casino and we believe that the Live vertical will continue to grow its share of the total online casino market. When the Live vertical grows, we take market shares – as do our customers with access to the new games.

Revenues amounted to EUR 85.7 million, which is 45 percent higher than the corresponding quarter last year. EBITDA amounted to EUR 42.7 million with a margin of 49.8 percent, which is the highest margin recorded so far in a single quarter. In the first half of the year, the margin was 47.7 percent, and we expect to be able to sustain this level in the second half as well which is why we increase our expected margin range to 47-49 percent for the 2019 full year.

The positive market development continues. The Nordics are growing, however at a somewhat slower pace as the Swedish market now is normalising following the intense start to the year as a result of the new gaming legislation. The UK continues to stabilise and is growing compared to the corresponding quarter last year. Both Rest of Europe and Rest of World also exhibit favourable growth.

Going forward, we will continue to invest in the development of both additional game shows and other innovative product types, as well as table games to meet the overall demand for Live. We also continue to invest in our studios. During the quarter, we have transferred the first tables to the new Malta studio, while also expanding the studio in Georgia. In addition, we have initiated a doubling of the capacity in New Jersey. We will also strengthen our presence in the US further and have started the planning for the construction of a studio in Pennsylvania. All in all, investments for the 2019 full year in absolute numbers will be somewhat higher than in 2018. It is imperative for us to meet the demand for Live, to continue to enable innovation within the company and to constantly increase the gap to competition. Connected to this, it is important to remember that in a case where we must prioritise, we will always put growth before margins.

During the first half of the year, we have laid the foundation for Evolution’s continued leadership in Live Casino. A proof of this was when we received the award as Live Casino Supplier of the Year for the tenth consecutive year at the EGR B2B Awards in June. The award goes straight to all our employees. I am immensely proud of everyone’s achievements so far this year, and the innovation power they possess creates confidence for the future.

Since Evolution’s inception, we have had a paranoid approach to our development, and given all achievements so far in 2019 I would like to conclude these comments by pointing out that we are never fully satisfied, we never sit back and each day, we fight to become a little bit better.”

 

Continue Reading
Advertisement
NSoft

Global Gaming Industry Newsletter – Weekly Digest (sent every Wednesday)

Please select all the ways you would like to hear from European Gaming Media and Events:

You can unsubscribe at any time by clicking the link in the footer of our emails. For information about our privacy practices, please visit our website.

We use Mailchimp as our marketing platform. By clicking below to subscribe, you acknowledge that your information will be transferred to Mailchimp for processing. Learn more about Mailchimp's privacy practices here. Read more about European Gaming Media and Event's Privacy Policy and Terms of Service.

Subscribe to our News via Email

Enter your email address to subscribe to our news and receive notifications of new posts by email.

Latest by author

Trending

Notice for AdBlock users

We are constantly showing banners about important news regarding events and product launches. Please turn AdBlock off in order to see these areas.