When the discussion of cybersecurity begins, it is usually focused on foreign threats and attacks like ransomware and malware, but there is something even more dangerous lurking in the shadows: insider threats. These threats come from within an agency, and while not always malicious, they are always dangerous to data security. The number of insider threats has steadily increased as workforces migrate to digital and cloud technologies. How can government agencies combat these threats? Read on to learn more.
According to a recent survey from the cybersecurity firm Bitglass, 73 percent of IT professionals believe that insider threats are becoming more frequent. Over 59 percent said their organizations had at least one insider attack in the past year. As the workplace becomes more digital, it’s important for devices and cloud applications to be secured against both outside and inside threats.
“Insider attacks are harder to identify and remediate than those that originate from outside the enterprise,” said Rich Campagna, CMO of Bitglass. “If organizations want to prevent insider attacks, they have to address these security gaps.”
Read more here.
How to Neutralize Insider Threats
According to the Verizon Insider Threat Report, there are five insider threat personas that could cause an agency serious harm. These include the careless worker, the inside agent, the malicious insider, the disgruntled employee, and the feckless third party. All these personas can pose great risk to agencies, which is why it is becoming increasingly important for IT professionals to educate themselves.
“Indicators of risky insider behavior can include factors such as attempts to access information outside of normal job functions, working late hours for no required work reason, or concealing foreign contacts, travels or financial connections,” said John Grim, Verizon Threat Research Advisory Center, Investigative Response Team.
Read more here.
Ex-NSA Director on Insider Threats
Ret. Admiral Michael Rogers, former head of the National Security Agency, weighed in on how to handle the risk of insider threats and protect an organization’s data.
“No. 1: Who has access to what data; what [access do they] need? That’s very important,” said Rogers. “And No. 2, understanding your population. For us in the government – at the NSA – it was uniform military, [civilians], and contractors. We had to build a strategy for three distinct populations in the workforce that sometimes operate with slightly different rules, slightly different responsibilities. What works for one doesn’t necessarily work for the other.”
Read more here.
Interested in learning more about insider threats? Subscribe today.
