Employees, rather than the network, are now the targets within organisations.
Uri Rivner, head of new technologies, identity protection and verification at RSA, claimed that employees can not only harm a company through accidental downloads or by leaking data, but are also the new target of cyber criminals.
Rivner said: “The adversary has changed, today it is a very well developed economy in a complex environment that is developed over a number of years.
“Most are fearing the growth of Trojans that people do not know about, employees are not aware of the type of vulnerability, they all have laptops and there are more mobile workers and smartphones and they are all connected to the network, so the exposure gets higher all the time.
“We want to be ahead of the fraudsters and not chasing them. From a consumer perspective more needs to be done to educate people. Corporations are relying on technology that is no longer effective.”
He pointed to the Aurora attack from January, which he said was achieved with a simple phishing attack by targeting the employee and getting a way in.
“Some attacks are being done by drive-by download, some by social engineering, but they are all getting to the network and organisations have a dilemma, they want control without locking down the employee,” said Rivner.
With recent surveys from Sourcefire and Unisys pointing to the threat posed by employees using personal devices, which are generally unmanaged, for work purposes, Rivner admitted that this does complicate things, but asked whether a CISO would tell employees to stop using them.
He said: “There is a level of dilemma for the security manager who wants to enable productivity and efficiency but wants to be productive. So how do you strike a balance?”
He said a solution lies in the enterprise developing a new defence strategy with multiple lines of defence – data sharing, balanced analysis, next generation data loss prevention and cyber crime intelligence.
He said: “No one is sharing data and that is so crucial. How are we using data, is it just intelligence? It could be automatic, you need to understand and little by little develop a new defence doctrine.
“Aurora hit so many organisations, everyone was hit and employees were targeted and the attacks went on inside organisations for months. The reality is that in the next decade there will be focus on employees.”