Making Insider Threats A Year Round Priority

Uploaded on 2024-10-30 in TECHNOLOGY-Key Areas-Artificial Intelligence, TECHNOLOGY--Resilience, JOBS-Training, FREE TO VIEW

When it comes to cybersecurity, the focus can often be on external threats. However, with 83% of organisations reporting at least one insider attack in 2023, this is an issue that needs to be a top security priority year round.

Insider threats have become both more frequent and costlier over the last few years - with the average cost rising to $16.2 million in 2023. Despite this, less than 30% of organisations are confident that they can handle an insider threat, suggesting a huge mismatch between the scale of the problem and the focus on the solution. With all of this in mind, we spoke to six security experts to get their advice on what organisations should be doing in order to build a successful insider threat defence.

It's All About The Culture

One of the biggest mistakes organisations can make when it comes to insider threats is assuming that the problem can be solved by one piece of technology, or by putting one security policy in place. Instead, an effective strategy requires buy-in from the leadership team and a whole organisation culture shift. 

“Lets not forget an insider threat can come from any level within an organisation—employees, contractors, or even business partners,” explains Andy Swift, Cyber Security Assurance Technical Director, Six Degrees. “The motivations behind these threats vary, from financial gain and personal grievances to negligence and lack of awareness. Therefore, a comprehensive approach to managing insider threats involves not only advanced technological solutions but also fostering a culture of awareness and responsibility among staff.” 

He continues: “It all starts with strong access controls, regularly reviewed permissions, and monitoring of user activities; carefully consider who needs access to what and why, and then think forensically - if you can’t provide an audit trail from a central location for administrative or general user actions across a range of systems, your early visibility of potential insider attacks can be dramatically impacted.”

Des V. Anderson, CTO and Co-Founder at LearnUpon, agrees that tackling insider threats relies on the efforts of the whole team. “What’s most important is to equip your teams with the right tools and solutions to succeed and at the same time, create a culture of knowledge sharing that encourages employees to take charge of security through strengthened passwords, two-factor authentication, and anti-phishing awareness,” he argues. “Security leaders also need to invest significant effort into training developers to have a strong emphasis on security. They must provide them with insights into best practices and encourage them to utilise automation to handle standard security assessments.”

Being Smart About Technology 

Of course, security tools do have a vital role in the prevention of cyber threats. “Prevention is better than cure and many businesses are putting multiple layers of security in place, supported by tools such as continuous monitoring, identity and access management and thorough security compliance training for all employees,” explains Terry Storrar, Managing Director, Leaseweb UK

However, he points out that “more tooling does not necessarily mean more secure.  It is also crucial that all these measures are integrated to prevent gaps in cloud security architectures.  IT and security teams should also look to harness automation – for example, to identify and track misuse of confidential data - to further boost the security of their cloud environments.”

Brett Candon, VP International at Cyware, believes that consolidation of security functions is key. “In a process known as cyber fusion, all security functions are consolidated,” he outlines. “By combining threat intelligence, security automation, threat response, security orchestration and incident response into one single, interconnected platform, IT teams can detect, manage and respond to threats in the fastest and most efficient way possible.”

He continues: “The key is collaboration. Both inside and outside the organisation, businesses should focus on creating a trusted and collaborative environment where all security teams work together much more closely, exchanging and communicating the right information with the relevant people. This process is called collective defence.”

Taking Advantage Of AI

According to Matt Hillary, CISO at Drata, “tackling insider threats is one area where AI has significant potential to be game-changing for data protection programs.” 

“Notably, AI models can be created and used to review and produce real-time, behaviour-based monitoring capabilities and policies that detect potential, or actual, information security and data protection violations,” he says.

Moshe Weis, CISO at Aqua Security, agrees that AI can have a huge impact. “Advanced tools, including AI-powered behavioural analytics, can play a key role in detecting subtle deviations from normal user behaviour—such as unusual access patterns or the improper handling of sensitive data. These tools allow for real-time insights, enabling organisations to identify potential threats before they escalate. By automating the detection of anomalies, AI serves as a force multiplier for security teams, who can then focus on high-priority incidents.”

However, Weis also reinforces the point that no one technology or method is the solution to insider threats. “Ultimately, by integrating a blend of human vigilance, smart policy, and technology-driven solutions, organisations can build a resilient defence against insider threats,” he concludes.

Image:

You Might Also Read: 

Too Many Corporate Employees Ignore Cyber Security:

If you like this website and use the comprehensive 7,000-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

 

« How Do The UK Cyber Security & Resilience Bill & The EU's NIS2 Compare?
Trump Campaign A Target For Attacks From China »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Solarflare

Solarflare

Solarflare is a leading provider of intelligent networking I/O software and hardware platforms that accelerate, monitor and secure network data.

Norwegian Information Security laboratory (NISlab)

Norwegian Information Security laboratory (NISlab)

NISlab conducts international competitive research in information and cyber security and operates study programs in this area.

Hedgehog Security

Hedgehog Security

The key objective of Hedgehog is to provide simple, effective and affordable information security improvements that support your drive to increase productivity and profitability.

SecureKey Technologies

SecureKey Technologies

SecureKey is a leading identity and authentication provider that simplifies consumer access to online services and applications.

Science Applications International Corporation (SAIC)

Science Applications International Corporation (SAIC)

SAIC is a premier technology integrator in the technical, engineering, intelligence, and enterprise information technology markets. Services and solutions include Cybersecurity.

Onward Security

Onward Security

Onward Security provides security solutions including network & application assessment, product security testing and security consulting services.

Agio

Agio

Agio provide Managed IT & Cybersecurity for Financial Firms. Our industry-specific expertise and AI-powered service delivery transform reactive support into proactive prevention.

Emagined Security

Emagined Security

Emagined Security is a leading provider of professional services for Information Security and Compliance solutions.

SafeCipher

SafeCipher

At SafeCipher, we pride ourselves on being your single vendor-neutral resource for navigating the complexities of cryptographic data encryption.

NexGenT

NexGenT

NexGenT have combined military-style training with decades of network engineering and cyber security experience into an immersive program to get people into cyber security fast and effectively.

Atlant Security

Atlant Security

Atlant Security is a cyber and IT security company offering consulting and implementation services.

Harvey Nash

Harvey Nash

Harvey Nash is a leading global provider of talent and technology solutions.

Tonex

Tonex

Tonex providing industry-leading technology training, courses, seminars, workshops, and consulting services to companies and government organizations around the world.

GoPro Consultants

GoPro Consultants

GoPro Consultants is an IT Consultancy and IT Managed services provider Globally with immeasurable expertise of IT professionals in Hardware/Support & Consultancy and Project Planning.

Covenant Technologies

Covenant Technologies

Make Covenant Technologies the only choice for your IT and cybersecurity recruitment needs. We deliver quality candidates at the forefront of the cybersecurity and IT industry.

Rebellion Defense

Rebellion Defense

Rebellion Defense is a technology company developing advanced software to ensure mission-critical organizations stay ahead of emerging threats.