growing number of devices with access to sensitive data, and the growing complexity of information technology.
Successful attacks are costly.
In its “2018 Cost of Insider Threats” survey of more than 700 organizations around the world, the Ponemon Institute found that the mean cost of an insider threat was $8.7 million. Nearly two-thirds of attacks were traced to negligent – not malicious – behavior of a staff member or a contractor. Ponemon also found that organizations required an average of 73 days to contain an incident, with only 16 percent of cases contained in less than 30 days.
The Right Solution
In November 2018, the National Insider Threat Task Force (NITTF)
released the Insider Threat Program Maturity Framework to help agency programs “become more proactive, comprehensive, and better postured to deter, detect, and mitigate insider threat risk.”
The answer is CDW•G’s Security Management Infrastructure (SMI), a modular platform specifically designed to combat insider threats. Through “persistent and intelligent monitoring,” SMI analyzes and correlates data, using pattern recognition to isolate aberrational access and data handling behavior, Erbach says. “Our customers
have so many choices in security products, offering a multitude of differing protections, but they are not confident in what the optimal combination of products are for their specific environment. What really are the right pieces for a
complete threat solution? They also wanted flexibility so they wouldn’t get locked into any one company but potentially reuse product investments already deployed.”
CDW•G works with more than 1,000 industry partners
to select and integrate the technology components suited to each customer’s needs. The resulting composite, flexible, scalable solution meets NITTF’s requirements for “resilient and adaptable programs to address an evolving threat landscape, advances in technology, and organizational change.”
For more information: www.cdwg.com/federalSMI
Security Management Infrastructure
CDW•G’s SMI, a modular platform designed to mitigate insider threats, secures data through the intelligent and persistent monitoring of users’ behavior and activity. The platform’s alerting system enables an organization to make decisions, in real time, that protect against data exfiltration and other harmful activity.
The SMI’s dashboards provide status updates on activity such as intrusion detection, issuing alerts when someone uses a USB stick in an unauthorized way or copies critical software from repositories — and revealing whether the person who made the copy was authorized to do so.
The security management platform can also automate breach mitigation actions, locking down systems or limiting access based on individual behavior requirements. Organizations have the ability to fine-tune those features as part of an SMI deployment.
CDW•G’s SMI architecture complies with NIST 800-53 requirements and uses Risk Management Framework (RMF) Controls.
“SMI can eliminate the vast majority of customer’s vulnerabilities ... for a quarter or a third of what it would cost an agency to roll it out on their own,” says Mark Erbach, strategic
development manager for CDW•G.
FCW | CUSTOM REPORT