Shifting to proactive defense:

Organizations must be on the lookout for insider threats, Dabit and others advise.

“And you need mechanisms in place to look for it,” Blankenship says, highlighting the various security technologies that can detect behaviors such as unusual or unauthorized attempts to access data and systems that could indicate an insider threat. Those, of course, are in addition to all the security and data protection controls considered standard today, he adds.

Dabit also advises security leaders to have a plan for how to respond if they suspect or catch an insider either inadvertently or maliciously causing harm.

And he advises CISOs to work with the chief legal officer and the head of HR to identify employees who could be insider threats, such as those who are about to be laid off or are disgruntled.

Harper recommends regular employee background checks, with more rigorous ones for executives and workers with access to sensitive information or systems.

Cochran says most security teams have work to do to meet the insider threats that exist today.

“Many of the CISOs I speak with don’t feel very confident they can detect an insider threat before serious damage occurs,” he says. “What needs to change is a shift from reactive, technically focused programs to integrated ones that fuse behavioral signals with technical telemetry, and critically, organizations need to extend insider risk frameworks to non-human/agentic identities with the same rigor they’d apply to a human employee.”

First seen on csoonline.com
Jump to article: www.csoonline.com/article/4143393/the-insider-threat-rises-again.html

