How Can Companies Protect Themselves?
Cullison: Training is as important as having the right security software in place. However, there should be a collective responsibility in protecting company information. This is where we bring in process improvement. Our strength is in process improvement projects where we look at what has been missed. By uniting processes and merging functions, you can address issues more effectively. For example, with IT and HR working together, you can have a policy in place to monitor an employee who might have been flagged as having grievances or performance issues.
Organizations should get all the right stakeholders in one room to really understand what they are trying to achieve in terms of security and from there create a robust insider threat program that is part of the business process.