How to prevent it? Information leakage due to employees taking out data. Easy measures with next-generation SIEM - Macnica

How to prevent "Information Leakage due to Internal Fraud" - Easy countermeasures against internal fraud with next-generation SIEM -

"Internal fraud" by insiders has become a security threat. In the IPA (Information-technology Promotion Agency)'s "Information Security 10 Major Threats 2019", "information leakage due to internal improprieties" ranked 5th, up from 8th the previous year, and a variety of cases are reported in the media. Behind this are recent social changes such as work style reforms and globalization.

Here, we outline the background to the rapid increase in the risk of internal improprieties, and introduce the challenges and countermeasures.

Behind internal improprieties is "work style reform." What changes in Japanese society lead to misconduct?

Until a few years ago, it was said that internal improprieties were less likely to occur in Japan. The grounds for this were the assumption that people are inherently good, which is a premise of Japanese culture, and practices such as lifetime employment. There was little to gain from fraud, because being discovered meant risking the loss of one's workplace.

However, in recent years, the social environment in Japan has changed significantly. Employment has become fluid, changing jobs has become common, and harsh working environments such as so-called "black companies" have become a hot topic. The introduction of telework is progressing as a result of "work style reform", and the nationalities of workers are diversifying due to labor shortages and globalization. According to the concept of the "fraud triangle" by organized crime researchers, internal fraud is likely to occur when the three points of "motivation", "opportunity" and "justification" are aligned.

For example:

  • Employment fluidity creates "motivations" such as "I want to take confidential information with me in order to be active in my new job," and "I want to earn money by selling personal information before quitting my job."
  • Mutual monitoring does not work in telework, increasing "opportunities" for fraud
  • Due to the harsh working environment, "justification" occurs, such as "I don't get overtime pay even though I work so much, so it's natural."
  • Due to globalization, there are an increasing number of cases where the cultural background of employees is different from what is "normal" in Japan.

As you can see, the social environment is changing to one where internal improprieties are more likely to occur.

Internal improprieties are carried out by parties who have access rights and are familiar with data storage locations, so it is important to implement appropriate measures to prevent damage.

Three issues of internal impropriety countermeasures. Urgent need for log analysis

One of the countermeasures against internal fraud is log analysis. However, the following issues can be seen in corporate efforts. Many readers will probably recognize some of them.

Issue (1) Non-IT departments are in charge of audits, so they do not see system logs

In many companies, non-IT departments such as general affairs departments and audit departments are responsible for internal audits. Recently, however, the use of IT in business operations has progressed, making it difficult to detect internal improprieties without checking logs on PC terminals and cloud services.

Issue (2) Logs are only stored and not analyzed

In most cases, even companies that store business system and terminal logs simply store them as trails in preparation for incidents. Log analysis is effective in preventing internal improprieties, but due to the lack of security personnel, many companies are unable to do so.

Issue (3) The criteria for log analysis cannot be defined uniformly

There are also challenges when analyzing logs. Whether an act is based on business necessity or is fraudulent cannot be determined by a uniform standard. For example, if you monitor logs against fixed conditions, such as data traffic volume and business hours, a large amount of noise will occur during busy periods or during troubleshooting.

Ideal for internal fraud countermeasures. What are the three features of the next-generation SIEM platform "Exabeam"?


Feature (1) Machine learning of the "normal state" of work. Detect signs with real-time analysis

It is difficult to detect internal improprieties based on a uniform standard. Therefore, the approach is to learn the "normal state" from the logs and pick up "unusual behavior" as a sign of fraud.

"Exabeam" is equipped with UEBA (User and Entity Behavior Analytics), a technology that machine-learns the normal behavior of users and devices. It analyzes various logs in real time, quickly detects unusual behavior, and discovers signs of internal fraud.
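The contrast between a uniform rule and a learned per-user "normal state", as an added example that is not part of the original page and is not Exabeam's algorithm: a simple median/MAD baseline stands in for machine learning, and the user names, transfer volumes and cutoff are constructed for illustration.

```python
from statistics import median

# Constructed sample: daily outbound transfer volume in MB per user.
# User names and figures are invented for illustration.
HISTORY = {
    "backup_svc": [880, 910, 905, 930, 895, 920, 900],
    "sales_a":    [18, 22, 25, 20, 19, 24, 21],
    "dev_b":      [120, 140, 95, 130, 110, 150, 125],
}
TODAY = {"backup_svc": 915, "sales_a": 400, "dev_b": 135}


def fixed_threshold_alerts(today, limit_mb):
    """Uniform rule: alert on anyone above one company-wide limit."""
    return sorted(u for u, mb in today.items() if mb > limit_mb)


def robust_score(history, value):
    """Distance of value from the user's own median, in MAD units."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    # 1.4826 scales MAD to a standard deviation for normal data;
    # the floor avoids division by zero for perfectly flat histories.
    return abs(value - med) / max(1.4826 * mad, 1.0)


def baseline_alerts(history, today, cutoff=5.0):
    """Per-user rule: alert only when today departs from that user's norm."""
    return sorted(
        u for u, mb in today.items()
        if u in history and robust_score(history[u], mb) > cutoff
    )


if __name__ == "__main__":
    # The uniform limit flags the routine heavy transfer and misses sales_a.
    print("fixed 500 MB limit:", fixed_threshold_alerts(TODAY, 500))
    # The per-user baseline ignores the routine job and flags sales_a.
    print("per-user baseline :", baseline_alerts(HISTORY, TODAY))
```

With this data the uniform limit alerts on the account whose large transfers are routine, while the per-user baseline stays quiet for it and flags the account whose volume jumped far beyond its own history.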

Feature (2) Timeline display using patented technology. Can be operated by non-IT departments

With patented technology unique to "Exabeam", logs can be arranged into a timeline for each user. Since the context of the logs can be checked as a story, anyone can easily understand "why the user behaved that way." Since no specialized knowledge is required, it can be operated by non-IT departments.

Feature (3) The cost is constant even if the amount of logs increases. Subscription method that enables various analyses

"Exabeam" uses a subscription method in which the cost does not change even if the volume of collected logs increases. Logs from various business systems and multiple terminals can be aggregated and comprehensively analyzed.

Video on demand

Countermeasures against internal threats in the age of promoting remote work
~Visualization of risks realized by Exabeam, a leading company in internal fraud countermeasure solutions~

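With work style reform under way and no end in sight for COVID-19, more companies are promoting remote work. Internal fraud countermeasures are attracting attention as a way to manage the risks posed by remote workers. This seminar introduces case studies and demos using Exabeam, a leading company in internal fraud countermeasures.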
