COVER STORY
Allergan requires ongoing protection from complex threats like malicious insiders and compromised accounts .
trends and create behaviour baselines which provide the much-needed context required to spot and flag any activity that deviates too far from what is considered acceptable or normal . Constantly learning and self-improving , these algorithms help Allergan stay one step ahead of its evolving threat landscape .
THE THE RESULT
Through the use of Exabeam advanced analytics , Allergan can easily and proactively detect insider threats and compromised credentials before they develop into security breaches or loss of intellectual property .
Towers described one specific example that underscores the value Exabeam ’ s solution is delivering .
“ We had a handful of users that we know based on the analytics , and behavioural and access patterns , were behaving differently than they had in the past .”
“ We knew these users weren ’ t likely to steal data or to do anything nefarious intentionally , so our theory was their credentials had been compromised . Based on the access patterns , we investigated and found out what actually had happened and there was an attempt to steal some data . We were able to stop this before it happened .”
Exabeam ’ s behaviour-based approach to threat detection delivered value for Allergan out of the box , without the need for extensive customisation or lengthy professional services engagements . Towers said : “ One of the things we liked about Exabeam frankly was that it was by far the quickest to deploy of any of the technologies that we looked at . We were able to see value in it , and evidence that it was actually doing its analytics – and giving us potential alerts – within a few days .”
After seeing how its solution works in practice for Allergan , Towers identified three primary benefits and value propositions Exabeam is delivering : “ Number one , it ’ s proactive . We had really good capability to respond to incidents after they happened ; Exabeam now allows us to look at potential indicators before they happen .
Machine learning techniques can discover important connections between seemingly unrelated parts of identities .
“ Number two , it provides a mitigation to two of our most challenging risks : data exfiltration and insider theft .
“ It does so without a lot of tweaking , configuration or consulting time . You plug it into the network and it works .”
TWO TWO PIECES OF OF ADVICE
Following Allergan ’ s experience with Exabeam , Towers offered two pieces of advice for other CISOs looking to mitigate the risk of insider theft .
“ The first is to work with a partner that can plug into your network , adding value from the start and allowing you to convince your stakeholder that you ’ re mitigating this risk very , very quickly .
“ The other piece of advice I would give is to try not to configure every possible scenario . Don ’ t overcomplicate it . Let the technology do its work and even if you only get 80 % to 90 % of the value that you were originally intending , it ’ s better than nothing and will be a really strong indicator to your stakeholders .”
Towers concluded with the critical importance of a proactive solution that pre-empts potential issues . He said : “ There are plenty of options out there in the security world if you ’ re looking for technologies to help you respond to incidents quicker . But there are only a few I think – and Exabeam being the best – that will help you look for things and incidents before they happen .” u www . intelligentciso . com | Issue 01
53