Although the risk landscape facing organizations is always changing, the insider threat consistently remains the top source of data breaches. The insider threat is there to amplify any threat: cyberattacks, BYOD, cloud, IoT. Every new threat is made worse by people.
So, how do you address the Insider Threat?
The top of every list now is the recognition that the solution to the Insider Threat does not come in a box. It is not a piece of software or technology, but rather a culture of security reinforced by policy, procedure and technology. A top-down prioritization of data security is a key differentiator to mitigating the insider threat; organizations with effective security cultures have fewer security gaps.
CompTIA CEO Todd Thibodeaux recently published an article on CIO.com about how to create a culture of security ownership, talking about some tangible steps to create a cultural shift that sticks:
- Rethink your C-Suite structure be ensuring your security officer (whatever their designation) reports directly to the CEO, sending a message that security is not isolated
- Prioritize end-user literacy on an ongoing basis with “robust” end-user training
- Establish the right metrics to ensure the efficacy of current security efforts
- Shift to ‘investing’ in security instead of reactively ’spending’
- Incentive accountability
The need for this cultural shift has never been more pressing. Current trends in IT are only making security more complicated. The decentralization of IT, through increased business-unit spending on cloud apps, is only contributing to the insider threat, with shadow data being stored in data silos that are outside the control of IT, causing issues for security, collaboration and integration. This same shift has affected the role of the CIO, on both purchasing and governance / security; now is the time to re-establish a leadership role that does not put a half to these shifting landscapes.
In a Forrester whitepaper hosted by Absolute, Hunting Insider Threats: Forrester’s Model for Establishing An Insider Threat Team, we talked about a 10-step program to create an insider threat program, including the importance of top-down support and effective monitoring technologies. Visibility and implication are key to ensuring that this widely distributed insider threat landscape is effective managed.
With Absolute DDS, you gain resilient visibility and control over your entire endpoint security stack. From a single console, you can ensure your endpoints & the data they contain are always in your control and can proactively monitor the status of complimentary security applications such as SCCM, encryption and anti-malware. With this visibility, you can take a proactive approach to reducing potential blind spots and are equipped to identify and respond to risks early.