Federal agencies are frequent targets for hackers and malicious online adversaries; what greater prize is there than to take down a U.S. government site or, more lucrative still, to steal classified information by breaching an agency network. While most media attention on cyber security focuses on the threat posed by unknown network assailants, it’s become clear over the last few years that there are just as many threats to the network from inside an organization – from the reality of disgruntled employees to the potential for embedded foreign operatives. But beyond the recent high profile insider attacks, such as Snowden, Manning, and WikiLeaks, the more frequent insider ‘attack’ that is responsible for the majority of data beaches is usually an act of carelessness, a protocol that’s ignored, or a device that’s lost.
What are some strategies that government agencies can use to protect themselves not only from data spillage, but also from deliberate insider threats? While the importance of post breach measures, such as forensic analysis are well understood, agencies need to be looking for proactive strategies, such as knowing where data is stored to limit the number of attack surfaces, that keep them ahead of the attack cycle. Guidance Software recently hosted a webinar on managing the insider threat. If you’re interested in learning more about the topic please click here to listen to a replay of the webinar.