The most likely person to steal IP is not an external threat, but rather the person who developed it and uses it every day, according to Forcepoint Chief Scientist Dr. Richard Ford. And this insider threat actually may be more difficult to detect because typical event-based security analytics may not always be adequately equipped to stop it, he explained in an interview with SC Media at the 2019 RSA conference in San Francisco.

If you use analytics, it’s easy to spot, say, when you’re accessing my data. But it’s really hard to notice that when I access my data, my intent isn’t to use it, it’s to steal it,” said Ford, who expounded on this topic in his very own RSA presentation this week. “Analytics around events is not good enough. What you have to do is change your unit of analysis and really understand the human.”

Forcepoint this week also announced the launch of X-Labs, which it’s calling the “first dedicated research division to combine deep security expertise with behavioral science research. The team will be made up of security researchers, data scientists, psychologists and counter-intelligence specialists.

Forcepoint Chief Scientist Dr. Richard Ford with SC Media’s Senior Reporter Bradley Barth at RSA 2019.