dcsimg

Tackle Insider Threat by Creating a Culture of Security Awareness

  • Tackle Insider Threat by Creating a Culture of Security Awareness-

    How Would You Define Insider Threat?

    Cullison: In our industry, insider threat is essentially any threat that relates to information on the network, and it could be either a malicious act or due to just plain negligence. Insider threat can follow three channels. The most common is the employee who has legitimate access to the system and data as part of their job. Then there is the outside worker who is temporarily contracted to do a job within the company. And finally, there is the 'outside insider' who has gained access to the network through the acquisition of passwords or a lost device such as a laptop or USB stick.

    Amigorena: People frequently only consider the malicious element of insider threat – the employee who has an axe to grind and access to the organization's sensitive data. This is obviously a significant risk, but the more common occurrence comes from human error. Employees sharing passwords, following bad security practice. This leaves the organization wide open to social engineering tactics, whereby an outsider could gain access not with clever hacking techniques but by tricking a user into sharing access. Culture and training is obviously key to tackling this, as well as technology.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

Tackle Insider Threat by Creating a Culture of Security Awareness

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
  • Tackle Insider Threat by Creating a Culture of Security Awareness-2

    How Would You Define Insider Threat?

    Cullison: In our industry, insider threat is essentially any threat that relates to information on the network, and it could be either a malicious act or due to just plain negligence. Insider threat can follow three channels. The most common is the employee who has legitimate access to the system and data as part of their job. Then there is the outside worker who is temporarily contracted to do a job within the company. And finally, there is the 'outside insider' who has gained access to the network through the acquisition of passwords or a lost device such as a laptop or USB stick.

    Amigorena: People frequently only consider the malicious element of insider threat – the employee who has an axe to grind and access to the organization's sensitive data. This is obviously a significant risk, but the more common occurrence comes from human error. Employees sharing passwords, following bad security practice. This leaves the organization wide open to social engineering tactics, whereby an outsider could gain access not with clever hacking techniques but by tricking a user into sharing access. Culture and training is obviously key to tackling this, as well as technology.

October is National Cyber Security Awareness Month (NCSAM), and this year's theme is 'Our Shared Responsibility,' reflecting the notion that cyber space cannot be secured without the help of all users. Unfortunately, the weakest link in most organizations is the employees. In fact, many, if not most, security breaches involve internal users, a risk often referred to as insider threat.

We've spoken to two experts in the area of insider threat to provide some insight into what it is and how it can be defended against. The first is François Amigorena, president and CEO at IS Decisions, a solutions provider specializing in securing internal user network access. The second is Greg Cullison, senior executive of Security, Suitability and Insider Threat Programs at Big Sky Associates, specialists in helping federal and commercial organizations mitigate threats. In this slideshow, Amigorena and Cullison discuss how understanding the role of insider threats is an important part in creating a culture of cybersecurity.