Insider threats. It is not that we have not heard about these two words before, as it has been all over our blog, as well all over the news. However, it seems as though we don’t hear a lot about how organization are responding to prevent data breaches from these insider threats. A recent warning by the FBI and Department of Homeland Security (DHS) to organizations was that there is an increase in insider threats from disgruntled current and former employees.
DHS claims that it is nearly impossible to entirely eliminate the threat of a malicious insider. People would agree that it is even more impossible to eliminate the threat of those insider thefts resulting from accidental or unintentional reasons. In recent events, we can see that attacks have also targeted third party contractors or vendors, who are called “third-party insiders,” as they literally almost, have all the access an insider within the organization would have.
Organizations not only need a clearer picture of their workforce as well as their “third-party insiders” but also a reliable solution to protect their data. Yes, the need to understand the behavior and background of employees are important, as well as presenting guidelines and training for information security. However, this alone will not stop an insider threat whether malicious or not from happening.
What we can truly say and what we need to present to our decision makers is if we cannot protect the data itself, all the checking of behavior, and all the monitoring becomes irrelevant because the data is at risk while that is being sorted out. An insider threat, especially those that are not malicious cannot be prevented by the profiling of employees.
The underestimation of insider threats has resulted in several top headlines regarding data breaches and financial loss due to these cases. Protection of data, with data-centric solutions is the only sure way to prevent insider threats from happening whether malicious or not.
Making sure your data is secure and not falling into the wrong hands entails strong and continuous encryption, dynamic control, as well as intelligent monitoring. The ability to revoke access to a file containing this data after a threat, not a breach, but threat, is the difference from an unauthorized user accessing the information or having the information protected for only authorized users to accessing the information.
Underestimation of these threats can be solved with action to implement these solutions into your organization and providing the assurance to you customers that their sensitive information is protected from these threats. For once, let’s hear on the news that consumer confidence in organizations is at an all-time high because they are confident that their sensitive information is safe in your hands.
Photo Credit: John Stansbury
