Page 133 - CDM-CYBER-DEFENSE-eMAGAZINE-December-2018
-- a term which describes the use of IT systems within an organisation without the approval, or even the
knowledge, of the IT team -- employees at all levels can now access huge swathes of sensitive and
business critical data.
Prevention is Better than Cure: The End of an Era
But why is this happening? Without a doubt, organisations of all shapes and sizes have never been more
vulnerable to attack, thanks to a dramatic increase in entry points. In addition to the countless connected
devices that employees carry around every day -- to and from work -- the Internet of Things (IoT) is swiftly
expanding the scope for an attack. Consequently, the modern business has no perimeter -- or, rather, its
staff serve as the perimeter. This happens because companies all over the world still haven’t got
appropriate protection in place that flags insider threats before they cause serious damage.
Of course, despite the recent headlines, insider threats are not always malicious and purposeful. The
term might conjure cloak and dagger espionage, but 'insider threats' covers myriad internal vulnerabilities.
These can range from accidental errors and compromised credentials stemming from a socially-
engineered data breach, courtesy of a lack of basic cyber security hygiene, all the way through to
malevolent insiders. In fact, a McAfee report found that nearly half of the data breaches studied were
caused by employees, contractors, or suppliers.
For contemporary organisations, with the boundaries ever-changing, this must lead to an overhauled
approach to endpoint security and user behaviour analytics. Traditionally, cyber security companies
strived to prevent outside attackers from penetrating a company’s network, in line with the mantra of the
past that prevention is better than cure. Now, however, it’s not a case of if an organisation will get
breached but when. As such, cyber security firms are now focusing their attention inwards, rather than
towards a company’s boundary -- representing a seismic shift in the way IT departments and the C-suite
alike approach the integrity of their organisations.
Productivity is Key
For IT leaders, the temptation can be to double down on strict security policies, introducing increasingly
obtrusive measures in a bid to combat cyber crime. However, there’s no use implementing processes
that ultimately make it harder for employees to work efficiently. Undoubtedly, the business will suffer as
a result, thanks to stifled innovation and experimentation. Instead, rather than seeking to completely
eliminate breaches, it’s just as important to rapidly identify breaches and stop them turning into full-blown
disasters.
This is where the power of user and entity behaviour analytics (UEBA) and machine-learning becomes
most apparent. These technologies rapidly get to know a business and identify security risks from the
inside, so that they can spot suspicious behaviour such as unusual out-of-hours access -- think files
transferred to atypical locations, from anomalous countries. Should anything suspicious arise -- for