FireEye’s Mandiant strengthens its repertoire, introduces new services to counter insider threats
Digital Edge Bureau 23 Mar, 2021 0 comment(s)FireEye, one of the leading players in intelligence-led cyber space, has unveiled two new insider threat security services from Mandiant – Insider Threat Program Assessment; and Insider Threat Security as a Service. The new services help organizations establish or scale up insider threat programs and are designed to provide ongoing protection against rapidly evolving and dynamic malicious activities within organizations. FireEye’s Mandiant offers incident response, assessment, transformation, managed detection and response, and training services with hands-on tactical support.
Insider threat events impact organizational reputation, customer trust and investor confidence. In 2019 and 2020, Mandiant responded to numerous customers who experienced corporate and economic espionage, data and backup destruction, and intentional data theft and leakage. The rise in incidents is an increasing challenge for organizations of all sizes and missions as insiders are, by definition, those organizations trust most.
Jurgen Kutscher, Executive Vice President, Service Delivery, Mandiant Consulting, said, “Legitimate access to controls rules the cyber threat landscape. Insider threat investigations are complex to solve and rely on combinations of technical forensic analysis, threat intelligence capabilities and traditional non-cyber investigative techniques. “No one understands this unique threat vector better than Mandiant. This is the reason we formalized a service model to help commercial and government organizations design, assess and establish a continuous, full-spectrum insider threat visibility and prevention program”, elaborated Kutscher.
Mandiant uses a ‘follow the data’ security model to deliver actionable, organization-specific recommendations. This approach is designed to identify weaknesses and vulnerabilities across existing safeguards, improve program capabilities and reduce the overall risk of insider threats. Mandiant Insider Threat Security Services are controls agnostic and available as a point-in-time assessment or an ongoing, subscription-based program.
Insider Threat Program Assessment
The Insider Threat Program Assessment is a purpose-built, point-in-time service to assess organizations with a nascent or existing insider threat security program. Designed to follow the data rooted in three core domains – people, processes and tools – Mandiant leads dedicated workshops to identify gaps and vulnerabilities in the client’s specific environment. Available in three tiers to meet situational client needs, the Insider Threat Program Assessment delivers detailed, organization-specific recommendations and actionable roadmaps for tailored program outcomes.
Insider Threat Security-as-a-Service
The Insider Threat Security as a Service is a holistic, subscription-based program that provides organizations with continuous, full-spectrum insider threat visibility, prevention, incident response, remediation and real-time threat intelligence. Powered by Mandiant Threat Intelligence, this service is imperative for organizations with a remote workforce and sensitive data that could be stolen or leaked. The Insider Threat Security as a Service provides delivery of regular executive briefings, insider threat activity case files and reporting, and threat intelligence specific to the client’s environment. Available in three tiers, this service has comprehensive coverage and expertise to accommodate program needs of all sizes, at scale.