For over 25 years, Haystax has been the provider of world-class commercial software products for direct use by individuals in the agencies charged with protecting our communities, cities, and country. Thus, our product is one of the most widely deployed risk management software solutions, used by school, law enforcement, fire, emergency management, and other government agencies across the United States.

Image module

Haystax for School Safety

Haystax meets the constantly evolving challenges of providing safe learning environments for students, faculty, staff, and local security partners by integrating all vital incident and school facility information into a single, online platform.  Physical assessments and behavioral assessments along with the ability to report and monitor incidents on or near campus are hallmarks of Haystax for School Safety.  Know your threats sooner, respond faster, and effectively coordinate actions for all stakeholders.

Image module

Haystax for Public Safety

Law enforcement professionals are called upon daily to perform a broad range of tasks—from routine patrols, intelligence gathering and investigations to major crime and incident responses. Their challenge is to ensure public safety despite incomplete intelligence, limited cross-jurisdictional information sharing, and tight budgets. Haystax helps law enforcement agencies prepare for and respond to any crisis with a dynamic picture of emerging threats, rapid  intelligence-collection and incident-reporting tools, and a seamlessly integrated user environment that  ensures maximum collaboration and analytically sound command decisions for rapid response.

Image module

Haystax for Enterprise Security

Haystax has developed a suite of applications designed specifically to help corporate security decision-makers and analysts navigate this challenging environment. Haystax alerts corporate leaders to their most likely threats and natural hazards, provides critical security and operational information about each physical facility, regardless of its size or geographic location, and allows risk managers to identify and mitigate their biggest vulnerabilities. Moreover, the Haystax platform enables security teams to manage incidents and major events—from the ops center or out in the field.

Equipped with these insights, CSOs can better anticipate their risks, communicate with leadership and limit their company’s exposure to financial, legal and reputational liabilities.

PrevSchool Domain Awareness Defined21 October 2019NextHaystax at NFCA04 November 2019

A New Way to Hunt Insider Threats

October 23, 2019

One of the questions our parent company Fishtech Group has been asked repeatedly during its nationwide Threat Hunt Tour is: “How can we do a better job of mitigating our insider threats — not just the external ones?”

Good question. And very timely, considering that 70% of companies in a recent survey conducted by Haystax and Cybersecurity Insiders said insider attacks have become more frequent in the past 12 months.

At Haystax, we believe the most effective insider threat mitigation programs seamlessly combine policies, processes and technologies into a comprehensive risk-based approach that can detect insiders regardless of whether they are malicious, willfully negligent or simply unaware of the harm they’re causing.

As part of that approach, the optimal technologies use a blend of analytic techniques to assess and prioritize workforce risk. For example, Haystax employs probabilistic models, enhanced with rules-based triggers and machine learning algorithms, to detect and prioritize anomalous behavior among trusted employees at government and private enterprises alike.

September was National Insider Threat Awareness Month, an ideal opportunity for the Haystax team to reflect on some of the top challenges that small and medium enterprises need to focus on as they hunt for insider threats:

  • Consider the wide variety of insider threat personas, for example. Haystax has been supportive of a Verizon study that took organizations to task for looking primarily for malicious insiders, ignoring several other kinds of threat behaviors that are often just as harmful. Verizon lists not one or two, but five, categories of insider threat: Careless Worker; Inside Agent; Disgruntled Employee; Malicious Insider; and Feckless Third Party. It takes a particular kind of analytics to distinguish between them.
  • Continuous vetting is the new black. It’s no longer sufficient for an organization to screen employees once before they walk in the door. Examples abound of people ‘going rogue’ after a few years of employment, due to a variety of factors that can include financial stress, failed relationships or poor HR reviews. As a result, employers need to find a way to continuously vet (aka evaluate) their staff, executives and even their vendors and contractors. Haystax has blogged numerous times about the issue, including here, here and here.
  • Most malicious insiders are smart enough to conceal their behavior and blend in well with the normality around them. In these cases, it takes the ability to turn qualitative information collected from a wide variety of sources, including fellow employees and anecdotes, and transform it into quantitative evidence used to ‘connect the dots‘ and catch a spy or saboteur or fraudster before he or she can do real damage. See the recent Haystax use case on convicted Cuban spy Ana Montes for an example of how that works.
  • Despite its wide use, the term user behavior analytics (UBA) has come to mean something quite narrow: analysis of user behavior on networks and other systems, and the application of advanced analytics to detect anomalies and malicious behaviors in those systems. Find out why that network-centric approach is not adequate to the task of catching your most dangerous insiders — and why a person-centric analytical approach is.
  • Also find out why small businesses are most vulnerable to insider fraud, and how the U.S. government’s latest Insider Threat Maturity Framework still leaves some key questions unanswered.
  • Finally, the Haystax white paper To Catch an IP Thief lays out in detail the events that lead a fictitious senior executive down an unhappy path from star executive to full-blown insider threat in the space of less than four years — and how the Haystax Analytics Platform would have detected him before he could steal his company’s valuable intellectual property.

Since October is National Cybersecurity Awareness Month, it’s also an opportune time to showcase Fishtech Group’s Security-as-a-Service division, CYDERES, a top-rated managed security services provider (MSSP) for detecting internal and external cyber threats.

A brand new partnership with Alphabet unit Chronicle gives CYDERES the ability to deliver managed detection and response services for Chronicle’s new Backstory platform. This partnership offers clients unmatched capabilities for threat hunting, incident investigation and ultimately detection and response.

#  #  #

Note: There are 10 Fishtech Threat Hunt Tour sessions to go between now and the end of the year. Click here to register for the one closest to you, and learn how CYDERES and Chronicle can help you hunt down your external and insider threats in an entirely new way.

Related posts