The U.S. brokerage subsidiary of Credit Suisse disclosed that former employees’ personal data was leaked last month. Credit Suisse has filed a lawsuit against 10 individuals over the matter, and it’s suspected that the defendants may be one or more former employees.
Armaan Mahbod, Director, Counter-Insider Threat, Security and Business Intelligence at Workforce Cyber Intelligence company DTEX explains how workforce cyber intelligence could’ve helped Credit Suisse to identify the attack much earlier on in the insider threat kill chain – long before the exfiltration of employee data.
Mahbod also explains how the technology could be leveraged now to convict the malicious insiders and exonerate employees who had no involvement in the breach:
"In any organization, but especially those in heavily regulated environments like financial services, it’s crucial to protect customer, employee and proprietary data. With workforce cyber intelligence capabilities and an increased transparency into user behavior activity, organizations can proactively pinpoint unusual employee behaviors to quickly determine an employees’ intent and take action if needed.
Organizations with workforce cyber intelligence solutions in place can continuously monitor anomalous behavior to stop malicious insiders far earlier in the insider threat kill chain, certainly prior to exfiltration of employee data.
The technology enables organizations to identity unusual reconnaissance behavior with regard to repository searches, local data aggregation or copy/paste, obfuscation of data, covering tracks, etc. And, given in heavily regulated organizations personal webmail and other personal activity on corporate assets is typically forbidden if not completely blocked, financial institutions would immediately pick up the use of a Gmail account for any reason. Further, with these insights, organizations have the evidence needed to convict malicious insiders quickly and to exonerate innocent employees in the event there is any suspicion around their involvement.”