Combating Insider Threat through Security Convergence Technology
Our Critical Infrastructure customers continue to remind us that Insider Threat remains a continuous worry. The Department of Homeland Security has now categorized Insider Threat as an Advanced Persistent Threat (APT). In this post-9/11 world, we are all too aware of security at airports. We are led to believe that all steps are being taken and precautions are in place. The truth is that insider access at the airport is a vulnerability that can be easily exploited when much of the focus at airports is on countering external threats. Terrorists and other perpetrators recognize this major loophole in security and are relentlessly pushing the limits of security at airports.
Responding effectively to insider threats at airports requires predictive risk analytics and cutting-edge security convergence technology. We at AlertEnterprise uniquely recognize that effectively addressing Insider Threat requires analyzing risks across IT Security, Physical Security and Operational Systems like SCADA to safeguard critical assets. Security Convergence has not been so effective in the past. The volume of data and the number of disparate sources of information, which can range from structured to unstructured data, tend to scare off the uninitiated. AlertEnterprise possesses the secret sauce to bring such divergent sources of data together and make sense out of it all. So why include SAP HANA in the mix? Predictive Risk Analytics for security took too long to process.
Going down the path of predicting the occurrence of malicious events with the hope of preventing them didn’t make much sense if the calculation would continue to process well after the incident is over. SAP HANA is used to deliver the computing power and the ability to rationalize large data sets from diverse information sources. This allows AlertEnterprise to process information from a myriad of identity databases like The Transportation Systems Clearinghouse, No-Fly Lists and HR systems for airports. Fast event detection and even faster response make true prevention of threats a reality.
Insider threats come in many shapes and forms at airports, but the perpetrator is often the same: an intelligent airport employee. Hidden in plain sight, insider threats can do greater damage to our critical infrastructure, including our physical, logical and security systems. Insiders have privileged access to airport processes and procedures, access to secured areas, and the inside scoop on an airport’s vulnerabilities.
Airports have continued to expend millions of dollars to employ greater security measures, including tighter security checkpoints, facial recognition software, full-body scanners, access control systems, intrusion detection systems, alarms, closed-circuit monitors / video surveillance and an increase in security personnel. While these measures provide additional layers of security, they only address external physical threats, with little protection against threats that arise from within the airport organization. Effective airport security requires a multi-faceted approach to address a myriad of threats, both external and internal. It is helpful to explore these facets that comprise the spectrum of true security at airports.
THE TRUTH ON INSIDER THREAT RESPONSE
Insider threats are a crucial aspect of security that requires a heightened, innovative approach. While airports have made great strides to secure the ‘front door’ through increased passenger screenings and related efforts, the greatest threat to airports remains unaddressed. The ever-increasing number of incidents at airports, combined with documented studies, reinforces this statement. Recent studies and information obtained by DHS, the FBI and other agencies indicate that insiders are not only utilized by terrorists to gain access to sensitive information and targets, but that insiders themselves are also carrying out their own chain of devastation to critical airport infrastructure.
AlertEnterprise leverages SAP HANA to deliver the fastest identification of and response to threats, preventing the dangers from blended threats that would otherwise go unnoticed. AlertEnterprise is a participant in the SAP Startup Focus program. Look for us at the HANA Test Drive area in the D&T campus. To see our solution in action, visit AlertEnterprise (Booth #117). Also look out for us at the Micro Forums in the Startup Forum Area. We can show you why we won the Most Innovative Company Award at the SAP Startup Forum 2012.