Employees forced to work remotely during the COVID-19 pandemic altered their online habits, and to minimize hacking risk they needed cybersecurity tools to keep up. As a result, security administrators face a danger they may not have previously anticipated: attacks from insiders.
Business and security leaders are allowing massive Insider Risk problems to fester in the aftermath of the significant shift to remote work in the past year according to Code42's newest Data Exposure Report on Insider Risk, conducted by Ponemon. During that same time, three-quarters (76%) of IT security leaders said that their organizations have experienced one or more data breaches involving the loss of sensitive files and 59% said insider threat will increase in the next two years primarily due to users having access to files they shouldn’t, employees’ preference to work the way they want regardless of security protocols and the continuation of remote work.
While providing access for third-party, non-employees is critical to meeting business objectives, it oftentimes has the unintended consequence of exponentially increasing an organization’s attack surface. With the proper identity-proofing practices and capabilities in place, organizations can verify the identities of their users, support risk management initiatives and better protect critical assets – eliminating the third-party risk management blind spots.
Defending against insider threats is one of the biggest challenges an organization can face, and the COVID-19 pandemic has only made detection more challenging as remote employees continue to use virtual private networks (VPNs) to access sensitive company files and information. Here, we talk to Carolyn Crandall, Chief Deception Officer at Attivo Networks, to discuss how security teams can use deception technology to detect and prevent insider threat attacks.
A 30-minute movie, inspired by true events, called “The Nevernight Connection," details the fictional account of a former U.S. Intelligence Community official targeted by foreign intelligence service via a fake profile on a professional networking site and recruited to turn over classified information.
It sounds simple: a company must be a safe place to work, and people will want to work for companies that make them feel safe. Companies have a duty of care and responsibility to keep employees safe, even as many work remotely. But as enterprises undergo digital transformation, physical security has at times been left behind (with legacy and outdated technology systems) despite a rise in threatening events and its increasing importance for corporations. Embracing digital protective intelligence and making safety a priority is not just a way to support wise corporate values, but given the potential loss of life and the cultural, bottom line and brand reputation damage that could occur, must be a mandate for modern business operations.
A new report shows this year’s shift to a largely remote workforce by the Global 5000 has significantly changed behaviors of employees and trusted insiders.
As September is National Insider Threat Awareness Month, there is no better time than the present to seriously reconsider how we educate America’s next generation of business leaders about these critical intelligence issues. As we wait on MBA programs to catch up to America’s new geopolitical reality, these are the three most important issues business schools, early stage entrepreneurs, and even seasoned pros should consider as they protect their life’s work.
September is National Insider Threat Awareness Month (NIATM), which is a collaborative effort between the National Counterintelligence and Security Center (NCSC), National Insider Threat Task Force (NITTF), Office of the Under Secretary of Defense Intelligence and Security (USD(I&S)), Department of Homeland Security (DHS), and Defense Counterintelligence and Security Agency (DCSA) to emphasize the importance of detecting, deterring, and reporting insider threats.
A majority of survey respondents (61%) reported at least one insider attack over the last 12 months (22% reported at least six separate attacks). Forty-nine percent of respondents stated that at least one week typically goes by before insider attacks are detected; additionally, 44% said that another week usually passes before the organization recovers from the attacks.