Forcepoint’s Novel Approach to Insider Attacks

Cyber attacks are on the rise, and they come in new and varied forms that are meant to defeat current defense strategies and mechanisms. This is the nature of warfare, regardless of the battlefield, and cyber security needs to evolve to stay relevant. There are worries that continued AI research will lead to increasingly dangerous and effective cyber attacks, this would require any company to invest in an AI of their own to defend themselves. In the case of AI assisted cyber warfare, processing power would be a major factor and the side that can throw more computations than the other will most likely win. Even without the threat of AI driven cyber warfare, the cyber security landscape can’t remain static if it there is to be an effective defense against cyber attacks. Just as attackers are constantly tinkering and experimenting with new modes of attack,so to must the defenders alter and change their defenses. Cyber attacks work by targeting weak-points in defenses, and these weak-points are probed out hours, days, weeks, months or even years in advance. These probes go unnoticed, or the weaknesses they find go unpatched. In some cases attackers use social engineering attacks to penetrate secure networks, and these attacks are some of the oldest tricks in the books. Calling and asking for passwords or login information has accounted for hundreds of successful network penetrations over the years.

Forcepoint is a company aimed at changing the face of the cyber security landscape by focusing on a factor that’s often overlooked in modern cyber security: the user. Cyber attacks can often be linked to insiders or people who were recently part of the organization. While the rise of malicious cyber attacks from outside, unrelated sources is on the rise there are still plenty of threats from inside a company. Forcepoint seeks to reduce or eliminate these risks by using an algorithm they’ve developed that watches for suspicious behavior in employees. It does so by building baseline profile for each employee it monitors. Forcepoisnt;s software watches who the employee is talking to and for how long they talk; it also logs what websites employees visit and what they do on those websites. Forcepoint’s software is looking for patterns and observable variables that it can use to determine when an employee is going rogue. Flags like visiting new websites, talking to new people, and accessing files they normally wouldn’t would notify the relevant people about the possible threat. These software constantly updates the profile it has on employees, so a new hobby isn’t going to set the IT department on a hapless employee’s trail. Forcepoint hopes to help companies deal with the attacks and leaks that can arise when a high-up employee or member of the IT department is let go.