Security Insights
(Early warning)
Problem
Security teams don’t have enough quantitative insight into changing risk levels for their most privileged users. Most of the time, information only becomes available after an incident, when it is too late.
They also lack advance insight into which users are most likely to fall victim to ransomware, credential loss, account takeover and other IP theft incidents.
Solution
Based on Security Reputation Scores, security teams can get regular notifications of privileged users who have elevated levels of risk. Using this information, security teams can take proactive measures, such as additional monitoring or targeted communications, to reduce the likelihood of an incident.
Because Security Reputation Scores reflect changes in risk levels that are specific to certain threats (e.g. ransomware), security teams can recommend additional controls, monitoring or specific communications to targeted employees.
When Incident Response teams are triaging an incident, they can use specific attributes of the Security Reputation Score to be more effective. For example, if the score shows continued weak performance on data handling for a certain user, that could point to data loss rather than a compromised account as the area for them to investigate first.
Benefit / Impact
With advance (early) warning, security teams and SOC/IR teams can work better together to reduce the frequency and impact of cyber incidents.
Similar to the “Shift Left” movement in DevSecOps, connecting and shifting security insights from security technologies into a human risk framework can help improve existing policies, controls, monitoring and communications.