How to Tackle Insider Threats to Enterprise Data
Image courtesy: CNBCFM
Twitter was amongst the first in the world to suggest remote working to beat the pandemic and it has once again emerged tops when it comes to data theft. The company confirmed that hackers used tools available to staffers to carry out an attack that compromised accounts of Barack Obama, Elon Musk, Kanye West and Bill Gates to name a few.
A survey by the Wall Street Journal Pro Research of 400 enterprises revealed that nearly three-fourth of the cybersecurity executives were concerned about employees turning rogue. The concern over the rise of insider threats is growing at a pace that’s faster than before and needs to be arrested. Of course, the survey doesn’t clarify if all of the threat is malicious or if there’s also likely to be incompetence at work. Whatever be the case, there’s a need to fix the issue and here is what we offer:
- Negligence or lack of awareness could be a reason for growing insider threats. Thus, training and knowledge development on the issue could be an immediate task for enterprises. Remote work is the new norm which also means there’s no direct face-to-face supervision. There is little or no training that companies are focusing on.
- The first step therefore would be creating regular training of staff members to handle security threats. Given that most enterprises were caught unawares by the pandemic, there is also the challenge of providing information on how to remain safe in cyber space, which is the first step towards creating cyber safety as a behavior change in the employee.
- Researchers hold the view that negligent insiders are the biggest threat which means despite having the best intentions, they accidentally give away data or put data at risk. Experts say that staffers using company devices that was probably dependent on network security. For e.g., if a staffer was accessing emails behind firewalls earlier, she is now on an unsecured home network.
- And this home network could easily result in unintentional errors as there is no real security protocol that they follow. In fact, this is another area where companies should quickly organize some training for the staffers. How to secure their laptops or handle sensitive data that they can access from home are some key topics to be discussed.
- A recent IBM Security survey said over half the employees reached hadn’t received new security guidelines. For e.g. customer service agents who worked from call centers are managing data in the comparative insecurity of the home network. Worse still, 60% of staffers use their personal computing devices for business operations. Given that the remote working appears to be a long-haul, companies should consider couriering staffers’ office systems to their homes, especially to those who are performing mission critical tasks and access personal data records.
- Also, there is an HR issue lurking in the background as with layoffs and salary cuts already part of the new reality, there is every chance of staffers turning rogue. This is where regular town halls over video conferencing and direct approach by the people development divisions could help in minimizing the damage. There is a requirement to prepare the organization and the employee towards the severance, which is unfortunate but unavoidable in the current scenario.
- Companies should also consider better visibility into devices that staffers use. Flow-based reporting to manage bandwidth consumption, VPN over-subscription and troubleshooting applications besides enhancing network visibility are critical. Applications and security teams need to be over-vigilant while technologies like SD-WAN can allow disruptive threats.
- CISOs need to build threat scenarios on a regular basis that focuses on three areas that could include investing in employee monitoring and surveillance, building policies and personas that are specific to their company and examining past insider threats.
Of course, most of these measures involve both capital expenditure for software and staff resources as till the time that remote working continues these cyber challenges caused by both malicious as well as negligent employees to data security and privacy are likely to remain. Such investments would help the CISOs efficiently roll out response, mitigation and recovery when violations do occur.