Mitigating Insider Threats
Thanks to the interconnected world we dwell in, cybercrime is gradually turning into a huge business. A new threat seems to loom every other day. However, organizations need to be conscious, not only of the external threat but also of the threat that could cause malice from the inside, via employees, former employees or contractors. Insider threat has the potential to cause damage on a magnanimous scale and pose a threat to the organization’s integrity and confidentiality. Preparing the personnel in advance for the threats is just as crucial as placing the technology to deal with it.
It is a common misconception that IT department is solely responsible for maintaining the overall security of the organization. However, instilling a basic sense of responsibility among the employees through awareness programs can go a long way in the mitigation process. Further, an organization must carefully analyze the access, be it physical or digital, an employee could gain. Running background checks on potential employees before granting access can reduce the risk involved. On the other hand, since most organizations outsource their cloud requirements, they must be prepared to mitigate any damages that the suppliers could cause. It is important even for the suppliers to abide by the organization’s policies. At the same time, the systems within the organizations need to be kept updated, should be protected with strong passwords and regularly backup your data so that the insiders have lesser attack touch points to exploit.
While employees could be the backbone of an organization, they are just as capable of breaking it. A Gartner report suggests that in excess of 70 percent of unauthorized access to organization’s data is committed by the employees themselves. By applying a holistic approach and integrating strong layers of protection around the systems, enterprises can protect themselves from the core while they tackle the external threats.
By James Seevers, CIO & GM, Toyoda Gosei
By Bill Krivoshik, SVP & CIO, Time Warner Inc.
By Gregory Morrison, SVP & CIO, Cox Enterprises
By Alberto Ruocco, CIO, American Electric Power
By Bruce. D. Smith, SVP & CIO, Information Systems, Advocate...
By Adrian Mebane, VP-Global Ethics & Compliance, The Hershey...
By Graham Welch, Director-Cisco Security, Cisco
By Michael Watkins, Senior Product Director, Global Knowledge
By Bernd Schlotter, President of Services, Unify
By Patrick Hale, CIO, VITAS Healthcare
By Steve Bein, VP-GIS, Michael Baker International
By Jason Alan Snyder, CTO, Momentum Worldwide
By Mike Morris, CIO, Legends
By Louis Carr, Jr., CIO, Clark County
By Bill Dow, SVP and General Manager of Business Solutions,...
By Jim Whitehurst, CEO, Red Hat
By Darren Cockrel, CIO, Coyote Logistics, a UPS Company...
By Nathan Johnson, SVP and CIO, Werner Enterprises [NASDAQ:...
By David Tamayo, CIO, DCS Corporation
By Neil Hampshire, CIO, ModusLink Global Solutions, Inc....