Exabeam, the Smarter SIEM™ company, and Code42, the provider in insider risk detection and response, announced a strategic partnership to help security and insider threat teams quickly detect, investigate and respond to data exfiltration, and reduce risks caused by compromised, negligent or malicious insiders. Customers using the joint solution will benefit from having a full picture of their environment, even in distributed workforce conditions, with automated incident response to obstruct insider threats before data loss occurs.

Insider threats are now among the most serious security risks and are becoming increasingly difficult to manage using conventional security technologies. The huge shift to remote working in 2020 has increased the use of personal devices, and at the same time, reduced the effectiveness of existing enterprise security solutions.

Remote workers

Remote workers have also become the targets of social engineering attacks as cybercriminals attempt to exploit them

When devices aren’t accessing assets directly through the corporate network or a VPN and instead going straight to the cloud, on-premise network data loss prevention (DLP) techniques and network firewalls have blind spots. Remote workers have also become the targets of social engineering attacks as cybercriminals attempt to exploit them to access corporate networks.

The unprecedented growth in distributed work presents novel and complex insider threats -- even when compared to just months ago,” commented Grant McCormick, CIO, Exabeam. “As a result, organisations should attach greater urgency to monitoring risky activities that may impact the security of their vital data. Failure to do so creates a potentially catastrophic blind spot in the protection and integrity of enterprise infrastructure.”

Technology integration

The partnership enhances security across a variety of exfiltration vectors — across endpoint to cloud, through a technology integration, which uses the Exabeam Cloud Connector solution to ingest data that indicates risk from the Code42 IncydrTM product into Exabeam Data Lake and Exabeam Advanced Analytics.

Organisations using the Exabeam and Code42 integration will gain the ability to establish or more easily build insider threat programs and processes. These organisations’ security operations centre (SOC) and insider threat teams can:

  • Provide real-time analysis and reporting on security alerts and data exfiltration attempts across their environment
  • Accelerate investigations related to insider threats with detailed incident context across exfiltration vectors, file types, and user attributes and behaviour
  • Resolve insider risk incidents faster through a combined solution that delivers high-fidelity alerts and actionable insights, along with the ability to correlate alert information and triage incidents

Protection to systems

We can offer organisations the ability to protect their systems and data"

Ananth Appathurai, strategic partnerships and ecosystem SVP at Code42, said, “Together, we can offer organisations the ability to protect their systems and data from the malicious and accidental consequences of insider threats. This is vital as the recent changes in workplace culture evolve into permanent distributed strategies that legacy data protection solutions aren’t designed to address.”

To further support their cooperation, Exabeam is joining Code42 as a founding partner of the inaugural Insider Risk Summit, where the security community will connect to address the growing data risks from insider threats.

Detecting and responding to threats

Presented as a virtual event on September 17, 2020, it is the premier gathering for security leaders and professionals to gain knowledge, share insights and advance strategies on detecting and responding to one of the biggest security challenges: the growing risk to IP and data presented by cloud-based collaboration and decentralised work.

This technology collaboration between Exabeam and Code42 will allow employees to use the tools they need to work in distributed environments, while giving security teams visibility into how files are moving across endpoints and cloud applications,” said Chris Stewart, senior director, business development & global alliances at Exabeam. “It’s an important collaborative step, and by joining forces for events such as the Insider Risk Summit, we aim to maximise awareness of the risks of data loss from insider threats.”

Share with LinkedIn Share with Twitter Share with Facebook Share with Facebook
Download PDF version Download PDF version

In case you missed it

Intersec 2021 cancelled, Messe Frankfurt announces that Dubai trade fair will now take place in January 2022
Intersec 2021 cancelled, Messe Frankfurt announces that Dubai trade fair will now take place in January 2022

Intersec, the world’s renowned security, safety, and fire protection trade fair, has been rescheduled to take place in January 2022, organiser of the trade event, Messe Frankfurt Middle East confirmed on September 24, 2020. The 23rd edition of the three-day event was originally set to run from January 24-26, 2021, at the Dubai World Trade Centre, in Dubai, UAE. However, the event has now been moved to 2022, after extensive consultation with key industry stakeholders. Intersec Dubai 2022 “We’ve spoken to many of our exhibitors, industry trade associations, supporters, and partners over the last couple of weeks and have heard first-hand the many challenges they’re facing putting pressure on their ability to participate at Intersec in January 2021,” said Alexandria Robinson, Intersec’s Show Director at Messe Frankfurt. He adds, “Moving Intersec to its customary January dates in 2022 at the Dubai World Trade Centre will allow time for recovery.” Webinar series in 2021 Ms. Robinson said Intersec will be very active throughout 2021, via its ongoing webinar series Ms. Robinson said Intersec will be very active throughout 2021, via its ongoing webinar series, while the team is now working towards creating a virtual event early next year, so as to engage industry leaders, regulators, government agencies and opinion formers. “We might be restricted physically, but we know there is a definitive need for critical conversations and discussions to address the challenges the industry has faced,” said Robinson. Digital forum to share ideas and solutions He adds, “By hosting these talks via a digital forum, it enables us to keep connected to the industry and nurture our existing relationships, whilst sharing solutions and common goals. We’ll share further details and plans about the digital event in the coming weeks.” Intersec’s popular free-to-attend webinar series, of which there’ve been 11 so far in the last four months, have kept thousands of attendees abreast of the latest industry trends and opportunities. Ensuring safety in COVID-19 pandemic period “We know we have a vital role to play in connecting and supporting the industry, and the Intersec webinars stimulate meaningful conversations, collaborations and success stories,” stated Robinson, adding “We will continue to run these and support our stakeholders in every way possible until we meet again personally, and safely, at Intersec 2022.” She further said, “One thing is absolutely certain, our community is resilient and will bounce back. It has been involved in many frontline situations throughout the course of this year and it will continue to play a critical role in the months ahead. Throughout 2021 and come January 2022, we’ll have much to share and learn from each other.” Intersec 2020 Intersec in 2020 featured 1,100 exhibitors from 56 countries, while attracting 33,872 visitors from 135 countries. The global industry event is supported by Dubai Civil Defence, Dubai Police, the Security Industry Regulatory Agency (SIRA), Dubai Police Academy and Dubai Municipality.

What is the role of higher education to create next-gen security leaders?
What is the role of higher education to create next-gen security leaders?

Traditionally, security industry professionals have often come from backgrounds in law enforcement or the military. However, the industry is changing, and today’s security professionals can benefit from a variety of backgrounds and educational disciplines. The industry’s emphasis on technology solutions suggests a need for more students of computer science, engineering and other technology fields. The closer integration of security with related disciplines within the enterprise suggests a need to prepare through a broad array of educational pursuits. We asked this week’s Expert Panel Roundtable: What is the role of higher education to create the next generation of physical security leaders?

Transport security: utilising the cloud to manage passenger flow and improve health & safety
Transport security: utilising the cloud to manage passenger flow and improve health & safety

Throughout the COVID-19 pandemic, ensuring the safety of passengers and staff aboard public transport has been an ongoing concern. The scenes of underground trains, still packed with commuters as infection rates soared, will have raised alarm bells with bus and train managers, transport officials and government representatives alike. Now, as infection rates hold steady and people slowly return to the workplace, a rise in commuter levels, coupled with a need for strong infection control protocols, is putting a strain on an already overburdened transport system. Managing passenger flow through bus terminals and train stations, while ensuring adherence to social distancing and mask-wearing policies, can be a difficult task. On buses and trains, staff have the unenviable task of challenging any individual who flouts the rules, while attempting to maintain safe operation for the benefit of all passengers. This is where advances in digital surveillance technologies can play an important role in enhancing security, improving operations and supporting the customer facing teams in their day to day roles.  The power of the cloud Keeping businesses afloat and people connected throughout the pandemicCloud or hosted technology has played an important part in keeping businesses afloat and people connected throughout the pandemic. When it comes to physical security such as video surveillance and access control, today’s cloud-enabled systems are far removed from the outdated CCTV and manual access control technologies employed in the past. Cloud connectivity brings with it many benefits, from a security, operational and also business intelligence point of view, thanks to the powerful data that these solutions produce which can be used to inform decision making. The advantages of cloud-based physical security technologies are many, and have wide ranging applications for all areas of the transport sector; across stations, transport hubs and vehicles. When used to support staff and complement existing processes, such systems can prove invaluable for transport professionals in helping to create a safer working environment, promoting confidence among personnel and passengers, and assuring passengers who are fearful about the current pandemic that all possible precautions are being taken during their journey. Managing occupancy across bus and rail Monitoring the movement of staff and passengers is an essential part of being able to maintain a safe operation. Through the utilisation of surveillance cameras at entrances and exit points, as well as at key areas within transport terminals and on the transport mode itself, occupancy thresholds can be determined to ensure passenger numbers do not exceed safe limits. Network surveillance cameras, accessed via mobile device, can enable transport officials to check passenger flow in real-time, while live alerts to warn that health and safety protocols are being breached, enable swift drafting of security or operations personnel to address the situation. Live alerts to warn that health and safety protocols are being breached Through internet of things (IoT) connectivity, additional devices can be easily added to complement the surveillance solution and unlock further benefits. Network audio speakers can be triggered to play pre-recorded messages to alert or inform passengers. Similarly, frictionless access control, enabling customers and staff to move ‘hands-free’ through gateways and ticket checkpoints to avoid viral spread, is made possible by having an access reader which is activated, for example, via QR codes on a mobile phone. And when access readers are integrated with surveillance cameras, this will act as a second layer of authentication to grant or refuse access based on valid staff credentials. Improving security in challenging times Such technologies, interconnected and able to share data, can be used to more effectively report in real time on activity that threatens to have an adverse effect on passengers, staff and the transport environment. Significant parts of the rail network are relatively unmonitored, and inevitably these areas are more vulnerable to vandalism. Similarly, on bus services, abuse of passengers and staff, and acts of criminal behaviour remain a concern. By alerting security staff to a developing situation before it occurs, an incident can be dealt with quickly, minimising disruption to transport services. Cloud based technology can be relied on Cloud based technology can be relied on to not only help improve current services, around passenger occupancy in the current pandemic, but also to help transport officials plan for the security challenges of the future. Simple customisation and easy scalability, plus software upgrades and firmware updates to ensure the system is always up to date and operational, form essential components of a future proof solution which is capable of bringing peace of mind to the transport industry. Additionally, predicted future benefits include the potential for customers to check transport occupancy levels via a mobile app. This would inform them of particularly busy times of passenger transit, allowing more choice over when and where to travel based on real-time data, and ultimately helping to even out passenger numbers to balance journeys and greatly improve efficiency and flow. In a busy world where the demands on our rail and bus networks are now impacted by the COVID-19 pandemic, and indeed the possibility for further related challenges in the future, such cloud-connected technologies represent a worthwhile investment.