March 29, 2016 | By Fred Donovan (c) 2016 FierceMarkets

Monitoring suspicious behavior of employees could be the key to better cloud security. That is one conclusion of a report prepared by CloudLock CyberLab that analyzed more than 10 million users, 1 billion files and 140,000 applications in the cloud.

The behavior of the top offenders when it comes to cloud security is noticeably different from the average cloud user. Top offenders trash 141 times more documents and download 227 times more documents from corporate cloud apps than the average user in a given month.

The report found that an enterprise experiences 5,732 instances of suspicious user behavior in the cloud per month, on average. Typically, 8 percent of all user logins fail or get challenged. Of these, 1.3 percent originate from countries that have been deemed risky.

The report reveals that 99.6 percent of users accessed cloud platforms from just one or two countries per week. The CloudLock CyberLab team was then able to isolate anomalies: 1 in 20,000 users, for example, logged in from six or more countries and, within this group, the CyberLab found some users logging in from as many as 68 different countries in a given week.

Cloud access security broker CloudLock has developed a new process for isolating malicious threats from the noise of other potentially suspicious or unusual behaviors in the cloud. The process, called the Cloud Threat Funnel, uses an adaptive security model that includes threat intelligence, cloud vulnerability insight, cyber research, community intelligence, centralized policies and contextual analysis. Leveraging these factors helps IT departments avoid alert fatigue and improve the precision of identifying threats, the company explained.

InCyber Comments:

The InCyber PAS Pro-Active and Predicting System has been proven 100% effective against Insider Threats. For additional information write We are now offering a Free Insider Penetration Test for up to 500 Employees using your own historical data.