There’s a growing awareness among organizations that significant cyber weaknesses are coming not from hackers on the outside, but from their own employees.
Consider this evidence:
- Information Age says insider threats continue to be “a top security concern” for organizations.
- Verizon’s Data Breach Investigations Report says privileged user misuse was the fourth largest cyber security threat worldwide in 2014.
- The Internet security organization SANS is offering a “Securing The Human” seminar at its December cyberdefense conference, promising to address employee threats to security.
This year’s Verizon Data Breach Investigations Report highlighted two alarming trends on the security landscape — cyberespionage and the growing insider threat – that can cause significant long-term damage to an organization from both the outside and from within. — Muddu Sudhakar, CEO of Caspida
This information shows that companies need to take seriously, the education and monitoring of employees.
“People are the most valued asset of an organization and, unfortunately, also one of the primary causes for increased business risk due to their unusual behavioral nuances or by becoming an easy target for attackers,” Gautam Aggarwal, chief marketing officer at Bay Dynamics, said in Security Week.
“Organizations should focus on early detection and predictive protection by proactively identifying unusual user account activity indicating potential human-level prospecting; continuous monitoring for high-risk users who do not have an established norm and their patterns of access show diverse and risky behavior,” Aggarwal said.
What Can I Do?
One option for protection is employee monitoring software, which can keep track of things such as logins, keystrokes, data uploads, and downloads.
And while this information is nice to have, what’s really important when considering monitoring as a solution, are these features:
- Instant messenger monitoring – Employees routinely send and receive files via IM (e.g. Skype, Line, Facebook messenger, etc.)
- Email/Webmail monitoring – Another popular tactic for stealing data is sending it to a webmail account (e.g. Gmail, Hotmail, Yahoo, etc.)
- Data loss prevention – What backups and failsafe’s are offered for protecting erased / hidden data?
Many monitoring suites offer cloud storage for the aggregated data as one of their paid add-ons / extras – This is certainly an important feature, especially if you ever need a log of activity for legal purposes.
Your Turn
Which techniques do you rely on to prevent insider threats? Let us know in the comments!