Back in September 2021, we had the opportunity to moderate a panel discussion at the SANS Institute Forum. During this conversation, top security executives from Gilead Sciences, Eaton Corporation, and NBN Australia shared their expert knowledge around insider risk management solutions. In previous blog posts, we highlighted insights stemming from this session, sharing some of the ways that organizations can determine what to protect and who to protect it from as well as the top challenges to managing insider threats.
In today’s post, we are examining what’s next for insider threat prevention and the strategies that will be critical to keep top-of-mind in 2022:
- Streamlining Data Sets for Success
With the Covid-19 pandemic accelerating digital transformation and the transition to hybrid work for enterprises across the world, it is becoming increasingly difficult to manage accountability across many different teams within an organization. Context is key to understanding user behavior on the endpoint, which is why figuring out a way to streamline the data and alerts that come from multiple solutions will be more important than ever to successfully mitigate insider risks in 2022.
With more people taking advantage of a remote working environment, the lines between work lives and personal lives are more blurred than ever before, presenting a greater risk for organizations. For example, we’ve seen corporate devices turn into blended devices now that employees are working from home. Understanding this transition and having context around how and when a user interacts with systems on a day-to-day basis offers security analysts critical insight into who the individual is, empowering them to make timely assessments around whether or not actions are presenting a real risk to an organization. In addition to eliminating confusion around multiple alerts from various systems, streamlining data helps organizations protect the privacy of their employees.
- Considering Geopolitical Factors
Insider threats are part of a much bigger threat landscape. In order to understand how insider threats underpin the rest of the cyberthreats we see, organizations need to take a step back and look at the larger geopolitical factors that will play a critical role in determining what’s next for the threat landscape. This will include examining the policies of critical systems and the potential impact upcoming government legislation may have on protecting insiders against compromise.
- Understanding The Principle of Proportionality
When you hear the term insider threat, many often feel like it’s an us versus them kind of a situation, between employer and employee, but that’s not at all the case. Protecting and respecting employees’ privacy is a fundamental part of any successful insider risk program. Monitoring what people are doing inside their home is very different from monitoring what they’re doing in the office and employees need to trust that organizations aren’t adopting a ‘big brother’ approach.
For those of you expanding operations into Europe, proportionality between security, surveillance and privacy will be key when dealing with national cybersecurity councils, especially in places like Germany, Austria, and Spain that require enterprises to demonstrate this balance. Even with DTEX’s privacy by design approach, which leverages patented data anonymization capabilities, the global deployment of an insider threat solution requires coordinating with work councils, meeting local privacy and compliance regulations, and providing timely reaction to new privacy policies that are often changing on the fly.
When it comes to the future of successful insider threat mitigation, your employees are your greatest asset. Learn more about how DTEX can assist in your insider risk management strategy for 2022 and drop us a line here: https://www.dtexsystems.com/contact-us/.