Intelligent CISO Issue 37 | Page 42

The highest-ranking members of a company are often the most lucrative targets for cybercriminals.
EXPERT OPINION


links, it would trigger SOC analysts to investigate further.
Finance
Similar to executives, finance departments deal with sensitive and privileged assets, making them a goldmine for bad actors. Finance managers and staff may access quarterly budget documents, collect spending records for different organisational departments or deal with accounts receivable and payable.
They may access payroll documents – but likely wouldn't be downloading information on a company vendor or employee contract, which often holds personal information like bank details, social security numbers or private addresses. Those activities should certainly raise alarm bells.
Human Resources
Chief People Officers and Human Resources (HR) managers often act as the primary liaison between the organisation's management and employees. Human Resources are often very active on a company network due to the nature of their work, which means their network activity can be complex and difficult for legacy systems to monitor.
Using software like DocuSign or Dropbox would likely be a baseline behaviour for HR departments, which would help them facilitate the hiring and onboarding of new employees. Anomalous behaviour by an HR employee might look like a user attempting to access financial records or download employees' personal tax documents.
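The finance and HR baselines described above can be learned from access history instead of being hard-coded per department. The following is an added example, not part of the original article: it scores each new event by how surprising it is for the user's department. The resource category names, the sample events and the 6-bit threshold are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed history of (department, resource category, action) events.
HISTORY = (
    [("finance", "budget", "read")] * 40
    + [("finance", "accounts", "read")] * 30
    + [("finance", "payroll", "read")] * 25
    + [("finance", "vendor_contract", "read")] * 5
    + [("hr", "onboarding", "read")] * 50
    + [("hr", "onboarding", "download")] * 30
    + [("hr", "personnel_file", "read")] * 20
)
THRESHOLD_BITS = 6.0  # assumed cut-off; tune against real data


def build_baseline(events):
    """Count each (resource, action) pair per department (the peer group)."""
    baseline = defaultdict(Counter)
    for dept, resource, action in events:
        baseline[dept][(resource, action)] += 1
    return baseline


def risk_score(baseline, event):
    """Surprisal in bits of an event relative to its department's history."""
    dept, resource, action = event
    if dept not in baseline:
        return math.inf  # no peer baseline at all: always escalate
    counts = baseline[dept]
    # Add-one smoothing over every pair seen org-wide, plus one "unseen" slot,
    # so a never-before-seen pair gets a high but finite score.
    vocab = len({pair for c in baseline.values() for pair in c}) + 1
    p = (counts[(resource, action)] + 1) / (sum(counts.values()) + vocab)
    return -math.log2(p)


def flag(baseline, events, threshold=THRESHOLD_BITS):
    """Return (event, score) pairs an analyst should review, highest first."""
    scored = [(e, risk_score(baseline, e)) for e in events]
    return sorted((s for s in scored if s[1] >= threshold), key=lambda s: -s[1])


if __name__ == "__main__":
    new_events = [  # constructed
        ("finance", "payroll", "read"),
        ("finance", "vendor_contract", "download"),
        ("hr", "tax_document", "download"),
    ]
    for event, score in flag(build_baseline(HISTORY), new_events):
        print(f"{score:5.2f} bits  {event}")
```

A rare but previously seen action, such as finance reading a vendor contract, scores about 4.2 bits and stays below the threshold, while the never-seen download of the same resource scores about 6.8 bits.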
Sales and marketing
Baseline behaviour for sales and marketing users would likely include accessing apps like Zoom or Skype to host sales pitches or meetings, but they likely wouldn't need to be viewing personnel files or financial documents. This type of behaviour would likely generate a high-risk score and require further investigation. They also often send large files, like design files, videos, webinar recordings, etc. and send them

