Insider Threats: Protecting from Within

Malicious insiders are increasingly working in teams or groups.

by ITECHNEWS
December 21, 2021
in Leading Stories, Opinion

After chasing and capturing cyber-criminals and spies for nearly three decades, one fact holds true: “Access rules the landscape. Every attacker wants it. Every employee has it.” Differentiating between legitimate access by malicious insiders and access enablement for state-sponsored, criminal and ideologically motivated actors can be challenging even for seasoned professionals.

Today, Mandiant records more cases than ever in which malicious insiders compromised mission-critical systems, exposed confidential data or extorted their employers. Such incidents can cause significant financial damage and reputational risk. Organizations not only have their own data but the data of customers and suppliers they are entrusted to protect. Organizations should focus on protecting their critical data, assets and crown jewels at a minimum. Unfortunately, most organizations and industries are unaware of the latest malicious insider threat trends:

  • Malicious insiders are increasingly working in teams or groups.
  • Ransomware groups recruit malicious insiders to enable access.
  • Economic and workplace environments are significantly driving malicious insider behaviors.

Most organizations do not have an established insider threat program or leverage intelligence to reduce insider threat risk. To mitigate risk, insider threat programs should focus on three core elements: access, data and awareness.

Access

Access is vital in malicious insider threat cases, so organizations must protect all environments and assets within their networks with multifactor authentication (MFA) and access controls. Each user, developer and administrator should be given only the rights they absolutely need for their daily work. Keep the number of employees allowed to create new accounts in on-premises and cloud environments to a minimum. Access and privilege audits should occur routinely.

Also, implement network segmentation. Separating network areas through security controls gives an attacker less opportunity to pivot to a separate environment and, potentially, elevate privileges. Organizations should additionally limit unnecessary traffic between highly sensitive and less trusted environments. All systems that do not need to be publicly accessible should be separated from public access.

Ensure secure offboarding. When an employee leaves the company, organizations should immediately lock down their network access. All SSH keys, PEM files and passwords to which the person had access should be changed for all environments. MFA should also be disabled immediately.
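The offboarding steps above can be checked against an access inventory. The following is an added example, not from the article: the user names, environments, secret names and the inventory layout are all constructed assumptions.

```python
from datetime import date

# Constructed sample inventory (hypothetical names, not from the article).
DEPARTED = {"jdoe": date(2024, 3, 1)}           # user -> last working day

ACCOUNTS = [                                     # (user, environment, enabled)
    ("jdoe", "corp-ad", False),
    ("jdoe", "cloud-prod", True),                # missed during offboarding
    ("asmith", "corp-ad", True),
]
MFA_DEVICES = [("jdoe", "totp-phone"), ("asmith", "hw-key")]
# Shared secrets: (name, kind, users who could read it, last rotation date)
SECRETS = [
    ("deploy.pem", "pem", {"jdoe", "asmith"}, date(2023, 11, 5)),
    ("bastion-ssh-key", "ssh", {"jdoe"}, date(2024, 3, 2)),
    ("db-admin-password", "password", {"asmith"}, date(2023, 1, 10)),
]


def residual_access(departed, accounts, mfa_devices, secrets):
    """Return sorted findings for access a departed user still holds."""
    findings = []
    for user, env, enabled in accounts:
        if user in departed and enabled:
            findings.append((user, "account-enabled", env))
    for user, device in mfa_devices:
        if user in departed:
            findings.append((user, "mfa-still-enrolled", device))
    for name, kind, readers, rotated in secrets:
        for user in readers.intersection(departed):
            # Stale if the secret was not rotated after the departure date.
            if rotated <= departed[user]:
                findings.append((user, f"{kind}-not-rotated", name))
    return sorted(findings)


if __name__ == "__main__":
    for user, issue, target in residual_access(
            DEPARTED, ACCOUNTS, MFA_DEVICES, SECRETS):
        print(f"{user}: {issue}: {target}")
```

Secrets are compared by rotation date rather than by who is currently listed as a reader, because removing a leaver from an access list does not invalidate a key or password they already copied.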

Data

Data, in this context, can be files, folders, intellectual property, sensitive information and more. Data resides on thin clients, laptops, desktops, servers, thick clients, mobile devices, printers and the cloud. Does your organization know where all its data is and where it goes? Not understanding this can lead to a breach, resulting in data loss, financial losses, reputation impacts and litigation risk.

Ensure all folders and files have appropriate access controls. Leverage purposefully designed insider threat tools to support data loss prevention efforts and visibility into data movements, including copies, modifications and destruction.

Awareness

To effectively diagnose insider attacks, businesses need to combine technology with vigilance and a commitment to educating employees about the dangers of insider and insider-enabled threats. Organizations should commit to regular insider threat awareness training for their board of directors, C-suite and employees. Additionally, they should invest in a dedicated insider threat data loss prevention solution paired with a separate endpoint detection and response (EDR) solution.

Many organizations try to repurpose technologies not intentionally designed to detect insider threats. An insider threat data loss prevention solution detects malicious behavior for those with legitimate access, sounds the alarm and can block actions. These technologies protect from within, the other 180 degrees. Companies should send log data and event aggregation to a SIEM (security information and event management). This helps ensure the authenticity of logs and prevents an attacker from deleting or manipulating them.

Key Takeaways

Access, data and awareness are key to minimizing malicious insider threat risk. Outside specialists can review existing capabilities to maximize the use of current investments and accelerate or create insider threat programs based upon years of cataloguing best practices across industries.

Insider threat security as a service removes bias from analysis and identifies suppression of alerts and events, allowing the organization to focus on investigations. Regular intelligence-informed security assessments make it possible to uncover weaknesses and continuously improve security measures. This provides companies with an intelligence-informed individual roadmap for effectively protecting themselves against malicious insider attacks and their impacts.

I’ll leave you with three other points to consider:

  • Insider threat-focused solutions should follow the data and protect from within.
  • Insider threat investigations should be predicated on evidence to refute profiling and withstand legal scrutiny.
  • Intelligence-informed insider threat programs add visibility and reduce risk.

Source: Jon Ford, Global Managing Director, Insider Threat Security Solutions