dcsimg

Tackle Insider Threat by Creating a Culture of Security Awareness

  • Tackle Insider Threat by Creating a Culture of Security Awareness-

    How Can Companies Protect Themselves?

    Amigorena: At a more granular level, you can set and enforce rules to restrict and control user logins as well as access to specific files and folders. Preventing or limiting concurrent or multiple logins is one such restriction that will reduce what's called the 'attack surface' – the sum of vulnerable points open to a breach. Monitor real-time access across the network on all sessions including Wi-Fi and VPN, and record and audit who was connected, from which system, since what time and for how long. This will help flag anomalies in individual usage, which will help you see and respond to potential breaches in advance, as well as provide an audit trail to minimize damage in the event of a breach.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

Tackle Insider Threat by Creating a Culture of Security Awareness

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
  • Tackle Insider Threat by Creating a Culture of Security Awareness-5

    How Can Companies Protect Themselves?

    Amigorena: At a more granular level, you can set and enforce rules to restrict and control user logins as well as access to specific files and folders. Preventing or limiting concurrent or multiple logins is one such restriction that will reduce what's called the 'attack surface' – the sum of vulnerable points open to a breach. Monitor real-time access across the network on all sessions including Wi-Fi and VPN, and record and audit who was connected, from which system, since what time and for how long. This will help flag anomalies in individual usage, which will help you see and respond to potential breaches in advance, as well as provide an audit trail to minimize damage in the event of a breach.

October is National Cyber Security Awareness Month (NCSAM), and this year's theme is 'Our Shared Responsibility,' reflecting the notion that cyber space cannot be secured without the help of all users. Unfortunately, the weakest link in most organizations is the employees. In fact, many, if not most, security breaches involve internal users, a risk often referred to as insider threat.

We've spoken to two experts in the area of insider threat to provide some insight into what it is and how it can be defended against. The first is François Amigorena, president and CEO at IS Decisions, a solutions provider specializing in securing internal user network access. The second is Greg Cullison, senior executive of Security, Suitability and Insider Threat Programs at Big Sky Associates, specialists in helping federal and commercial organizations mitigate threats. In this slideshow, Amigorena and Cullison discuss how understanding the role of insider threats is an important part in creating a culture of cybersecurity.