Taking a No-Nonsense Approach to Insider Threat Management
By now, you’ve no doubt heard that the risk of an insider threat incident is on the rise everywhere — regardless of industry, location, or company size. In fact, 69 percent of organizations said they experienced an attempted or realized insider threat, according to a recent Accenture report.
But what does that really mean for you and your overall cybersecurity efforts?
Being the CEO of an insider threat management software provider, I often get asked that question. Folks are overwhelmingly familiar with the external threats to their systems and data, as well as the various ways to tackle detection and prevention. But rarely do security teams consider their own trusted insiders, outside of physically locking down their data with cumbersome tags and procedures, which are often circumvented. So, where do you start?
We’ve put together The No-Nonsense Guide to Insider Threat Management to give you a quick and easy rundown of insider threat management. It includes a breakdown of past high-profile insider threat incidents, insights into the top causes, and best practices on insider threat detection, investigation, and prevention to keep your organization safe.
It’s Not a Movie Script…
Some of the highest-profile insider threat incidents may seem as if they’re ripped from the pages of a Hollywood movie script, but unfortunately they’re very real. Take, for instance, the recently settled $245 million lawsuit between Google and Uber over self-driving car secrets. The lawsuit alleged that Anthony Levandowski, founder of Uber’s self-driving car unit (Otto), downloaded more than 14,000 confidential and proprietary files from Google’s Waymo, without his employer’s knowledge, before he resigned.
Each year, headlines are filled with more and more examples of companies experiencing insider breaches (whether they’re the size and scale of the Google/Uber case or otherwise). These incidents can be incredibly costly to companies, leading to the loss of millions of dollars (a report from The Ponemon Institute states the average annual cost of insider threats per organisation is $8.76 million) and serious, long-term reputational damage.
Do You Know Where Your Insiders Are?
Here’s the toughest thing about insider threats: They could be anyone, and they can be either intentional or accidental.
Two out of three insider threat incidents are caused by employee or contractor mistakes — simple slip-ups that can happen on a daily basis. For example, clicking on a phishing link in an email can open up a corporate system to hackers in seconds.
Beyond mistakes, criminal or malicious insiders can cause major trouble at organisations, whether they’re privileged users with something to gain from access to highly valuable data, or current employees under financial duress or facing a performance plan. The rise of remote working applications and Shadow IT makes it much more difficult for organisations to ensure that proper onboarding and offboarding processes are followed and that unauthorised access to corporate systems is prevented.
From weak passwords to top policy violations, The No-Nonsense Guide to Insider Threat Management will show you the most common causes of insider threats to be on the lookout for, and what you can do about them.
Strategies to Prevent Insider Threats
Employee communication is an underemphasised way for security professionals to detect and prevent insider threats. Giving people clear (but not too restrictive) policies to follow and providing in-the-moment coaching can mean the difference between a costly accident and a teachable moment.
For more strategies on how to better detect, investigate, and prevent insider threat incidents, be sure to download The No-Nonsense Guide to Insider Threat Management. We’re confident you will find it both eye-opening and incredibly useful.
Written by: Mike McKee – CEO, ObserveIT.