What We Do
How We Do
Get Started
Incident report

Malicious Insider - A Laid Off Employee Takes a Parting Gift

Insiders who use their computer access to steal proprietary data or intellectual property can cause significant business losses. Unfortunately, despite the potential negative impact, their malicious activity is often harder to detect and prevent. Because they use legitimate credentials to access data and information on company networks, their activity does not usually trigger an alert via most information security technologies in place at organizations. To detect malicious insider activity, organizations must have behavior-based detectors in place to recognize routine network behavior, and flag abnormal activity. 

An investment banking firm and long-time customer of eSentire that had already been utilizing MDR for Endpoint, MDR for Network and MDR for Log to protect their network added MDR for Insider Threat to their portfolio of protection. The customer was onboarded to the service and MDR for Insider Threat began collecting data and mapping normal network behavior. Within two weeks, MDR for Insider Threat learned enough to detect suspicious activity that had occurred. 

Read this incident report to see how a recently laid off employee had used his access to exfiltrate sensitive intellectual property before his departure from the organization. 

Get The Incident report