Thursday, May 19, 2022

Mitigating the Black Mark of Cybersecurity Threat

For a long time, companies have been too timid to report, recognize, or act against employees who have become a threat to their organization. Often, insider threat attacks are seen as embarrassing or as just an issue for the Human Resources department. The insider threat is like a black mark on the management processes and the company’s reputation.

Insiders always have advantages over external actors seeking to circumvent security, as employees enjoy significantly higher levels of privilege and trust along with extensive knowledge of organizational policies, processes, and procedures. Insider threats are difficult to catch because these are people with authorized access to the network and applications. Sometimes even business partners compromise security through misuse, negligence, or malicious access to or use of an asset, raising the security threat. Detecting and mitigating such a wide array of insider threats requires a different approach from hunting for external threats.

15% of the data breaches and 20% of the cybersecurity incidents investigated in the 2018 Verizon Data Breach Investigations Report (DBIR) originated from people within the organization. Significant financial gain (47.8%) and pure fun (23.4%) were the top motivators. Attacks that exploit internal data and system access privileges are often only found years or months later, making their potential impact on a business immensely significant.

DBIR analysis has also flagged a shift in how social attacks such as financial pretexting and phishing might be misused. Attacks like these, which continue to infiltrate organizations via employees, are now increasingly a departmental issue. Furthermore, this year’s DBIR warns that C-level executives, who have access to the company’s sensitive information, are now the focus of social engineering attacks. Senior executives are 12x more likely to become the target of social incidents, and 9x more likely to face social breaches than in previous years – and financial motivation remains the key driver.

Below are some of the key countermeasures that can help reduce risks and enhance incident response efforts:

Conduct Threat Hunting Activities – Companies should make productive investments in threat intelligence, dark web monitoring, behavioral analysis and risk hunting to search, monitor, detect and investigate suspicious user and user account activities, both inside and outside the enterprise.

Perform Vulnerability Scanning with Penetration Testing – Leverage vulnerability assessments and penetration tests to identify gaps within the infrastructure and application components, including potential ways for insider threats to maneuver within the enterprise environment.

Implementing Personnel Security Measures – Implementing Human Resource controls (background verification checks, Security Awareness Training, and Least-Privilege Principles) is mandatory to reduce the number of cybersecurity incidents associated with unauthorized access to enterprise systems.

Employing Endpoint Security Solutions – In addition to the standard robust endpoint security controls and solutions, User and Entity Behavior Analytics (UEBA), File Integrity Monitoring (FIM) tools, and Endpoint Detection and Response (EDR) solutions can deter, monitor, track, collect and analyze user-related activity.

Establishing Incident Management Capabilities – Establishing an incident management process that includes an Insider Threat Playbook with trained and capable incident handlers makes cybersecurity response activities more efficient and effective in addressing insider threat activities.

Retain Digital Forensics Services – Keep retained investigative response resources available that can conduct a full spectrum of detailed investigations, ranging from the analysis of logs, files, and memory to disk and network forensics, in often intricate insider threat-related incidents.

Integrating all these countermeasures with other existing strategies, such as a Cyber Security Policy, Human Resources Management, a Risk Management Framework, and Intellectual Property Management, can strengthen efficiency, cohesion, and timeliness in addressing insider threats.
