Rogue user data breaches have become somewhat less common over the past couple of months, with our attention focused on the incredible surge in retail data breaches and credit card information theft. That being said, initial reports point to a massive insider breach at Morgan Stanley that could turn out to be one of the largest rogue user incidents ever uncovered.
Morgan Stanley said this week it has fired an employee who allegedly stole the account data of approximately 10 percent of its wealth management customers. The company also claims it ultimately learned of the breach during a routine scan of suspicious websites, after the leakage was not detected internally.
Two questions remain unanswered: where was this data stolen from, and how was it leaked?
With most financial organizations using the most sophisticated technology to closely monitor their financial investments, and judging by the quantity and quality of the data stolen, it seems safe to assume the data originated from some kind of CRM system. On the other hand, no one has ruled out the possibility that this was just a spreadsheet sent out via e-mail. In light of the potential damage, both scenarios require the same amount of attention.
In the age of big-data tools embedded into most of our professional apps and services, detecting employees who run unusual queries seems like a nearly impossible task. Still, in the post-Snowden work environment, organizations are expected to strengthen their ability to understand, in near real time, when sensitive company data is at risk. As a result, the same big-data tech that allows companies to improve revenue results is now being leveraged to detect and investigate possible emerging insider threats through analytics. The good news is that all the relevant data to analyze is already there. The challenge is running the right analytics on the right data sets and having the right security analytics teams analyze the actionable results.