Why Insider Threat is More an Organizational Process Problem, Than a Technology Problem

When security experts talk about insider threats, all too often they treat technology as both part of the problem and the solution. They highlight how technology can be the force that allows insider threat to flourish, and conversely how it can be used as a primary prevention tool. But it’s important to keep in proper Read more about Why Insider Threat is More an Organizational Process Problem, Than a Technology Problem[…]

Starting an Insider Threat Program with Limited Resources

Security is viewed as a cost center in many organizations. If there is not already an insider threat program in place, its value will often have to be demonstrated to senior management first before additional resources are allocated. If you are tasked with launching a new program (or overhauling an existing one) consider first how Read more about Starting an Insider Threat Program with Limited Resources[…]

Breaking Down the Insider Threat Identification

At the heart of any Insider Threat Program is this essential question: How do we identify who is an insider threat or is at risk of becoming one? An organization can tighten processes, establish policies, put in additional safeguards, enforce separation of duties, etc. But in the end, if a malicious insider is determined, he Read more about Breaking Down the Insider Threat Identification[…]

Defining Three Different Kinds of Insider Threat Issues

Security threats to organizations can be broadly categorized into external threats and insider threats. An external actor usually must do some leg work or research to first identify, then figure out how to take advantage of, an organization’s weaknesses. They are not a member of the organization, so they must either hide their presence or Read more about Defining Three Different Kinds of Insider Threat Issues[…]

Why Every CEO Should Be Concerned About Hillary Clinton’s Email Server Problem — And What They Need to Do About It

If you thought the rancor over Hillary Clinton’s email server was just about politics, think again. It’s not about the “classification” of the documents; it’s about the combined content and who might benefit from it. If your company’s size or world-winning innovations can move markets then you too could be a target. Every high-level executive Read more about Why Every CEO Should Be Concerned About Hillary Clinton’s Email Server Problem — And What They Need to Do About It[…]

Your Top 3 Insider Threat Risk Mitigation Strategies

As in many sectors, security must often carry out its mission with limited personnel and financial resources. When considering how to best implement a new or growing Insider Threat program, it’s important to find the highest impact without stretching security too thin. What strategies offer the best combination of cost and effectiveness for an organization Read more about Your Top 3 Insider Threat Risk Mitigation Strategies[…]

Creating a Culture of Cybersecurity at Work: Why the Hub is Not Enough

Cybersecurity Awareness Month (CSAM) is a useful reminder to all of us to reinvigorate our efforts to protect our networks from Insider Threats. Insiders are difficult to detect because they abuse their legitimate system access to purloin or sabotage information. Evaluate your own Insider Threat Program like you would any technical or non-technical internal risk Read more about Creating a Culture of Cybersecurity at Work: Why the Hub is Not Enough[…]

Cyber Security – It’s Not Just for Breakfast Any More

Cyber security. It’s on everyone’s mind. That’s not surprising given the spectacular thefts of private or confidential data constantly making headlines. Each seems worst than the last. No industry is immune. Damages are both tangible and intangible. Monetary losses from intellectual property theft include the foregone profits from technology now being produced by a competitor Read more about Cyber Security – It’s Not Just for Breakfast Any More[…]

What Can We Learn From Office Space About the “Human Side” of Insider Threat

One reason the cult classic movie Office Space is beloved by so many is that almost everyone can relate. Who hasn’t developed an emotional attachment to a stapler, grimaced every time a too-cheerful cube mate answered the phone, or fantasized about taking a baseball bat to a stubborn printer? We’ve all been there, and it’s Read more about What Can We Learn From Office Space About the “Human Side” of Insider Threat[…]

The Accidental Insider, Mitigating Unintentional Data Leaks

We all know the profile of an “insider threat”, the disgruntled employee that wants to get back at the boss, the spy posing as a trustworthy staff member, or the idealistic computer whiz that believes protected information should be public knowledge. While history shows individuals exist that fit these profiles, they do not represent the Read more about The Accidental Insider, Mitigating Unintentional Data Leaks[…]