dcsimg

Tackle Insider Threat by Creating a Culture of Security Awareness

  • Tackle Insider Threat by Creating a Culture of Security Awareness-

    Industry Regulation and Compliance

    Many industries work under regulations with regards to internal security. How do you think organizations in these industries view compliance?

    Amigorena: Most regulated organizations view compliance seriously and take all the necessary steps to meet the industry-set criteria. However, when you see a case like the one earlier this year, when hackers infected a Chinese restaurant's online menu with malware to target employees of an oil company, it shows that a threat can come from anywhere. You then start to think about combining different risk procedures that will help protect your employees and your company information more effectively.

    As technology continues to evolve, threats will evolve alongside it. Organizations need to realize that there is no longer a 'one-size-fits-all' solution – even for regulated industries. Creating a culture of cybersecurity within and for your employees is paramount in helping to safeguard your company against insider threats.

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10

Tackle Insider Threat by Creating a Culture of Security Awareness

  • 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10
  • Tackle Insider Threat by Creating a Culture of Security Awareness-9

    Industry Regulation and Compliance

    Many industries work under regulations with regards to internal security. How do you think organizations in these industries view compliance?

    Amigorena: Most regulated organizations view compliance seriously and take all the necessary steps to meet the industry-set criteria. However, when you see a case like the one earlier this year, when hackers infected a Chinese restaurant's online menu with malware to target employees of an oil company, it shows that a threat can come from anywhere. You then start to think about combining different risk procedures that will help protect your employees and your company information more effectively.

    As technology continues to evolve, threats will evolve alongside it. Organizations need to realize that there is no longer a 'one-size-fits-all' solution – even for regulated industries. Creating a culture of cybersecurity within and for your employees is paramount in helping to safeguard your company against insider threats.

October is National Cyber Security Awareness Month (NCSAM), and this year's theme is 'Our Shared Responsibility,' reflecting the notion that cyber space cannot be secured without the help of all users. Unfortunately, the weakest link in most organizations is the employees. In fact, many, if not most, security breaches involve internal users, a risk often referred to as insider threat.

We've spoken to two experts in the area of insider threat to provide some insight into what it is and how it can be defended against. The first is François Amigorena, president and CEO at IS Decisions, a solutions provider specializing in securing internal user network access. The second is Greg Cullison, senior executive of Security, Suitability and Insider Threat Programs at Big Sky Associates, specialists in helping federal and commercial organizations mitigate threats. In this slideshow, Amigorena and Cullison discuss how understanding the role of insider threats is an important part in creating a culture of cybersecurity.