dcsimg

Tackle Insider Threat by Creating a Culture of Security Awareness

  • Tackle Insider Threat by Creating a Culture of Security Awareness-

    What Information Might Be Targeted?

    Cullison: If you look at it from a data perspective, every organization has some type of data that makes it unique – this could be a customer list or a business strategy – anything that has economic value or is a financial driver. So no organization is immune from insider threat.

    Amigorena: Think about all the files and folders that are stored on your organization's internal network – any part of this information could become a target. Putting security measures in place that will track, monitor and restrict data access and movement is therefore hugely valuable. If there aren't any protocols in place for when a breach happens, by the time you find out about it, it could be too late to recover or even minimize the damage.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

Tackle Insider Threat by Creating a Culture of Security Awareness

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
  • Tackle Insider Threat by Creating a Culture of Security Awareness-3

    What Information Might Be Targeted?

    Cullison: If you look at it from a data perspective, every organization has some type of data that makes it unique – this could be a customer list or a business strategy – anything that has economic value or is a financial driver. So no organization is immune from insider threat.

    Amigorena: Think about all the files and folders that are stored on your organization's internal network – any part of this information could become a target. Putting security measures in place that will track, monitor and restrict data access and movement is therefore hugely valuable. If there aren't any protocols in place for when a breach happens, by the time you find out about it, it could be too late to recover or even minimize the damage.

October is National Cyber Security Awareness Month (NCSAM), and this year's theme is 'Our Shared Responsibility,' reflecting the notion that cyber space cannot be secured without the help of all users. Unfortunately, the weakest link in most organizations is the employees. In fact, many, if not most, security breaches involve internal users, a risk often referred to as insider threat.

We've spoken to two experts in the area of insider threat to provide some insight into what it is and how it can be defended against. The first is François Amigorena, president and CEO at IS Decisions, a solutions provider specializing in securing internal user network access. The second is Greg Cullison, senior executive of Security, Suitability and Insider Threat Programs at Big Sky Associates, specialists in helping federal and commercial organizations mitigate threats. In this slideshow, Amigorena and Cullison discuss how understanding the role of insider threats is an important part in creating a culture of cybersecurity.