Insider threats are real and growing rapidly with today’s technology.
If you are not familiar with the term “insider threat,” an insider threat is a malicious threat to an organization that comes from people within the organization.
These people include employees, former employees, contractors or business associates, those who have inside information concerning the organization’s security practices, data and computer systems.
September 2020 marked the second annual National Insider Trading Month (NITAM) and throughout the month, resources were made available to emphasize the importance of detecting and deterring insider threats.
NITAM is a collaborative effort between several U.S. government agencies including the National Counterintelligence and Security Center (NCSC), Office of the Under Secretary of Defense Intelligence and Security (USD(I&S)), National Insider Threat Task Force (NITTF), Department of Homeland Security (DHS), and the Defense Counterintelligence and Security Agency (DCSA).
The NITAM was created last year to raise awareness of the risks posed by insiders and to encourage organizations to take action to manage those risks.
Security teams within organizations focus a lot of their efforts on protecting their networks and data from cyber attacks and hackers or other external threat actors.
What organizations often miss are preventative and protective measures against insider threats.
Those trusted insiders could accidentally or deliberately take actions which are disruptive to the business.
These actions could cause damage to company facilities, systems, or equipment, result in financial harm, or expose or disclose intellectual property and sensitive information regarding the organization and clients.
To fight against and prevent insider threats, organizations need to establish an insider threat mitigation program that detects, deters, and responds to threats from malicious and unintentional insiders.
The program should protect critical assets against unauthorized access and malicious acts, and the workforce should be trained how to identify insider threats and conditioned to report any suspicious behavior or activities.
The program should also involve the collection and analysis of information to help identify and mitigate insider threats quickly.
With the spread of COVID-19 this year, protecting against insider threats has become more challenging as organizations have moved towards more remote models.
The expansion of remote working to include the entire workforce, has increased the risk of espionage, unauthorized disclosures, fraud, and data theft.
It is more important than ever for organizations to have an effective insider threat mitigation program.
The main goal of NITAM 2020 is to provide awareness through education of the workforce and the organizations key teams.
The DHS Cybersecurity and Infrastructure Security Agency (CISA) is helping to raise awareness of insider threats and has published resources that can be used by healthcare organizations to improve organizational resilience and mitigate risks posed by insider threats.
The resources include games, videos, graphics, posters, and case studies to promote NITAM.