Highly publicized insider data thefts and security breaches highlight the increasing need for better security practices and solutions to reduce the risks posed by malicious insiders as well as unintentional insiders. This report is the result of comprehensive crowd-based research in partnership with the 300,000+ member Information Security Community on LinkedIn and Crowd Research Partners to gain more insight into the state of insider threats and solutions to prevent them.
Even in the best of economic circumstances, enterprises face risks of insiders stealing data or selling access to systems. But the possibility of layoffs due to the COVID-19 pandemic puts enterprises at more risk of insider threats, says Joseph Blankenship, a vice president and research director with Forrester. “We’re reaching a period where everyone is somewhat uncertain,” Blankenship says. “A lot of the insider threat is driven by personal factors.”
With an increase in companies exploring user activity monitoring solutions, it’s important to understand the legal guardrails. Check out my latest blog – Employee Monitoring: Advanced Legal Considerations (Part 1) – where I explore who can be monitored, what can be collected, why information can be collected, and the parameters for using collected information. In Part 2, I’ll explore incentives for monitoring – regulatory, legal, and duty of care – as well as the evidentiary applications of collected information.
Timely report from Proofpoint with some sobering stats for our new-normal remote workplace ecosystem.
· More than 50% do not password-protect home Wi-Fi networks.
· 32% do not know what a virtual private network (VPN) is.
· 90% of working adults admit to using employer-issued devices for personal activities.
· Nearly 50% allow friends and family to access their work devices.
While the move to a remote workforce will likely result in an increase in threats from insiders, it’s important to understand that this does not necessarily mean an increase in “intentional threats.” In fact, most threats are from well-intentioned employees trying to do their job, which may now become more challenging (from a security perspective) than before. For this reason, I’ve always advocated for an “insider risk management” strategy that serves to manage risk (asset impacts, threats, and vulnerabilities) and support employee productivity, instead of treating all employees as bad actors that need to be continuously monitored.
Over the last several years, high-profile data breaches and leaks have shone a spotlight on insider risk management. Companies in every industry have been dedicating more resources to mitigating or responding to insider threats as part of their security program.