How to Build an Insider Threat Program

How to Build an Insider Threat Program

How to Build an Insider Threat Program

Ernie Smith, BizTech (Published October 29, 2020)

Understanding the need for an insider threat program requires understanding the types of risks an organization may face, whether those risks are due to negligence or active attacks. Human resources may also play a role in insider threat assessments. The Intelligence and National Security Alliance recently released a white paper on the role that HR departments can play in uncovering potential threats ahead of time.

“The challenge in mitigating the insider threat is to devise an early warning strategy to better align organizational resources with the struggling or at-risk employee so that appropriate support or mitigation actions may be taken proactively to reduce or eliminate the risk,” the report notes.

From an IT perspective, Nigro* says, it’s worth analyzing security access organizationally to help reveal potential problems.

“It really starts to take a look at the security levels and the access levels that different individuals have,” she says. “Who has privileged information? Who has what level of access for privileged information users? Are we reviewing their background checks every year? Are we doing some due diligence from performance reviews or performance expectations around them?”

Kalember** adds that, when trying to assess insider threats, it’s important to have an understanding of what’s happening on the ground. Often, the biggest threats may not even be intentional.

“If, for example, you see somebody who appears to be taking a sensitive file that might contain your customer information and putting it on a USB stick, maybe you want to prompt them with a little bit of awareness training and actually teach them the right way to do things rather than ring a bunch of alarm bells and come down hard from a security standpoint,” he said.

Read the Full Article
*Pam Nigro, the board director of the IT governance trade group ISACA
**Ryan Kalember, executive vice president of cybersecurity strategy for Proofpoint

Caroline Henry

Close
Close

Please enter your username or email address. You will receive a link to create a new password via email.

Close

Close