What’s the similarity between Bradley Manning and
Edward Snowden? Well, apart from the fact that both disclosed sensitive
information about the US government or its various arms and were hailed as
“whistleblowers” by some and slammed and persecuted by their own government,
they were also quintessential “insiders”. Or, to put it simply, people who
ended up leaking classified information about the very same organization that
they worked for.
Surprised? Welcome to the
world of insider threats, a kind that is perhaps the most under-appreciated of
cyber threats since they mostly fly under the radar as stories about hackers and
other criminal actors grab the headlines.
According to the SANS
Institute, one-third of enterprises have suffered from an insider caused
breach, with possible losses from each incident amounting to more than $5
million. Research firm Gartner says that more than 70% of unauthorized access
to data is committed by an organization's own employees. These are good enough
indicators to gauge the level of threat that insiders pose.
Insider attacks, be it from a
disgruntled employee or an absent-minded manager, are more insidious because
they betray the trust the organization has in its employees and partners. They
are also harder to detect and take longer to discover than any other type of
threat. Also, this threat simply can’t be wished away as every organization
needs employees and partners who will need access to sensitive information to
do their jobs effectively.
Besides, not all insiders have
a malicious intent. Often, data loss happens due to unintentional mistakes made
by people—accidental insiders—or users whose credentials have been compromised
or stolen—compromised insiders.
Alas, the existing approach to
information security relies heavily on protecting the technology
infrastructure, which while needed will not solve this insider threat.
So, what can organizations do
about it? How can they counter such threats?
The Human Point
The answer perhaps lies in
having a more human-centric approach. To protect and secure data from such
insider threats, a new approach is required where the focus needs to be on understanding
the points in which trusted people – employees, partners, and contractors –
interact with critical business data and intellectual property. It is human
points of interaction where businesses see critical data as most valuable. And
these are precisely the points where the data is also the most vulnerable.
Learning how users interact
with critical data has to become a priority for security professionals. And
while there’s agreement that understanding behavior and intent is vital to
cyber security, most security professionals are unable to do so effectively as
it is an entirely new security paradigm.
To effectively counter insider
threats, intelligent integrated systems are needed that provide visibility into
user behavior and uncover intent by providing the context behind a user’s
actions. These systems of integrated solutions, when coupled with comprehensive
cyber security programs, can secure today’s mobile workforce, reduce the
incident management burden on IT teams, increase the value of new security
investments, and provide proactive security that promotes innovation within the
organization.
It’s time businesses start
adopting this new approach to security and have intelligent systems that allow
good employee behavior and facilitate business while stopping bad cyber
behaviors.
And the time to start was
perhaps yesterday. Else, tomorrow the next Bradley Manning or Edward Snowden
might come from your organization.
reproduced from - https://tinyurl.com/y9jjf467