With autumn leaves falling and September firmly underway, the time has come to note and reflect on National Insider Threat Awareness Month. The month acts as a reminder of the importance of taking steps to avoid insider threats across every industry, during a time when data breaches constantly plague news headlines. A report from last year highlights the danger, revealing that more than two-thirds (68%) of data breaches at firms were caused by insiders.
With this in mind, we spoke to seven security experts to get their knowledge and advice on how best to avoid accidental breaches.
With trust comes empowerment
Through the malicious use of physical social engineering, cybercriminals psychologically manipulate individuals to trick them into making security mistakes. Andy Swift, Cyber Security Assurance Technical Director at Six Degrees, warns of the dangers of such practices, and the importance of encouraging employees to act.
“Most people’s natural reaction to someone standing outside with a coffee in each hand is to open the door to assist them, but this is exactly where the vulnerability lies. It isn’t rude to ask someone where their credentials are; if they should be there, they have nothing to hide!
“When done right, employees can be the eyes and ears of an organisation. Where someone behind a security camera won’t look twice at an ‘employee’ riffling through files, real employees are well-positioned to question the intruder. But they are only likely to do so if they’ve been taught to challenge people they do not recognise, and that reporting any uncertainties is perfectly acceptable.”
Drata’s CISO, Matt Hillary, values reliable infrastructure, but only with an inspired and empowered team behind it. “It’s important to note that continuous compliance should not be viewed as a replacement for a robust cybersecurity policy, but rather as a complementary strategy that helps facilitate a culture of security. Threats from insiders will always exist – whether malicious intent or genuine mistake – but by working together, security and compliance teams can go a long way to mitigating the risk.”
Knowledge is power, and sharing is caring
With the consequences of data breaches being so , it is no longer optional to educate employees on how to protect their data. A thorough understanding of insider threats is needed to prevent the most serious of attacks.
“The actions of insiders are incredibly unpredictable and worse, anyone, anywhere can become a threat. As such, defences must be entirely robust, without overwhelming security teams with an unmanageable volume of alerts,” says Richard Orange, Vice President of EMEA Sales at Exabeam. “Businesses need to employ a mixture of comprehensive cybersecurity training for all employees and modern security solutions that allow them to gain a full overview of their insider threat landscape.”
“Giving employees the training to go from potential victims to the first line of defence requires awareness of traditional and emerging social engineering and phishing tactics. Organisations must provide comprehensive training to educate employees about identifying and mitigating risks associated with all attacks, especially ones leveraging gen AI,” adds Skillsoft’s CISO, Okey Obudulu.
“This includes imparting knowledge about the latest phishing techniques, raising awareness about the dangers of engaging with unknown entities and promoting vigilant behaviour online. Robust threat detection technologies that leverage advanced machine learning algorithms can also be implemented to help identify anomalies and potential attacks.”
Offer support with the latest tech
While educating staff is an essential part of preventing insider threats, it is also important to use the latest technology to help employees avoid harmful breaches of their personal data. With the sophistication of cyber-attacks increasing, it is imperative that businesses keep up.
Brett Candon, Vice President International at Cyware, emphasises how intelligence sharing can help businesses get ahead of attacks. “Threat intelligence as a next-generation approach to cybersecurity – often referred to as cyber fusion – unifies all security functions such as threat intelligence, security automation, threat response, security orchestration, incident response, and others into a single connected platform which detects, manages, and responds to threats in an integrated and collaborative manner. The importance of collaboration – inside and outside the organisation – cannot be overstated.”
“In addition to the essential commitment to training and the use of MFA, insider threat or not, organisations also need to come to terms with the fact that it is a case of ‘when’ they will be attacked, rather than ‘if’. This is why investment in effective recovery technology is vital for organisations to protect themselves against the fallout of an insider threat-driven data breach or ransomware attack, which can lead to costly disruptions if operations are not restored swiftly,”adds Zerto’s, a Hewlett Packard Enterprise company, Director, Technical Marketing and Training, Kevin Cole.
With AI coming into every business’ repertoire, Patrick Beggs, CISO at ConnectWise, points to how leaders should recognise it’s benefits in aiding insider threat prevention. “To enhance their ability to detect and prevent insider threats, organisations can leverage artificial intelligence for context-aware monitoring, anomaly detection and behavioural analytics.
“By consuming billions of data artifacts, AI quickly learns about emerging risks, identifying malicious files and suspicious activity much faster and more accurately than a human ever could. It then applies its findings to predict activities, identifying them as they occur and assigning them a severity level for remediation.”
Insider threats are one of the many ways cybercriminals can infiltrate an organisation, triggering havoc and long-term harm. However, these cracks of vulnerabilities can be filled by adopting education, encouragement and innovation into the culture of an organisation, which heavily strengthens the security landscape of the company. With teamwork, mountains can be moved, and National Insider Threat Awareness Month is the time to take the first step.
