Technology Cannot Diminish Insider Threats By Itself

A trusted insider is more of a threat to the US government than the threat of Russian or Chinese economic espionage.

Insider threats have disclosed and improperly removed troves of sensitive information from government networks that compromise secrets and highly secretive security programs. While various technical and cyber-enabled monitoring tools have been applied to prevent such actions, the intelligence community’s top counter-intelligence officer believes that understanding the human element is most important.

“The mind of the insider threat: That is what I believe to be the critical component of stopping, if we can, the individual that wants to be nefarious and do malicious behavior,” said William Evanina, the national counter-intelligence executive within the Office of the Director of National Intelligence.

Speaking during a recent event hosted by the Intelligence and National Security Alliance, he said monitoring these insider threats is “almost impossible” because the intelligence community, government or private sector are not going to create a draconian environment where they search people on their way in and out. 

The question, then, does not become one of technological solutions, some of which use analytics to monitor certain cyber activity, but rather how to get “left of an event” by identifying the individual and providing a venue to act out. These venues, he said, could be as simple as an employee assistance program, an interview with someone in the security department or a peer consultation.

There are highly capable tools to track keyboard strokes and data, but they will not identify an individual who was passed up for a promotion or the individual going through a divorce or financial difficulties, Evanina said.

“There is no technological monitoring that can detect that.” 

He said there are three categories that are key to understanding and identifying the insider threat: narcissism; Machiavellianism (the ability or a want to manipulate others); and a callous, cold personality. 

The key to success for curbing insider threats will be to marry these three categories by understanding the individual’s mindset and having robust monitoring on the individual's systems and data.

INSA released a white paper outlining behavioral models that can improve the monitoring of insider threats. “Both goals, improving early warning of vulnerability and understanding individual complexity, entail not only defining psychological models but also seeking methodologies and tools that can assist in swift, continuous identification and assessment,” the white paper reads. 

“Most efforts to date have focused on characterising individuals at a specific point in time, during an initial or periodic investigation, but employers now recognise the importance of leveraging innovative technology and data sources to monitor and evaluate individuals on a continuous basis.”
 
With the boom in social media, the report notes that leveraging certain tools can help identify certain individuals and personalities at risk for insider threats. These include personality mapping (psycho-linguistics), life-event detection (text analytics) and emotion detection (sentiment analysis). 

C4Isrnet
 

 
