National Insider Threat Awareness Month is observed annually in September. It was first launched in 2019 to help organizations and individuals better understand insider threats and encourage the development of strategies to address them. Although it was initiated by the National Counterintelligence and Security Center (NCSC) in partnership with the National Insider Threat Task Force (NITTF) and other U.S. government agencies, many organizations and countries worldwide recognize the significance of insider threat awareness and now actively engage in related activities and initiatives.
To gain an insight into the current issues, Digital Journal heard from executives from Other World Computing (OWC), Datadobi, and Foxit. These perspectives are presented in three inter-linked articles.
The first assessment comes from Larry O’Connor, CEO and Founder, Other World Computing (OWC).
The focus from O’Connor is inside the firm, especially with employees who are leaving the company. Some employees are privy to special information which can be misused, especially if the exit from the firm was not under ideal circumstances.
O’Connor explains: “One of the most significant insider threats facing organizations today is the challenge of properly managing employee exits and access revocation. Even weeks or months after departure, it is all too common for exiting employees to still have lingering access to company systems and data.”
As to the dangers, O’Connor explains: “From there, malicious insiders can then steal sensitive data or sabotage critical systems rather easily by exploiting these oversights. And, as organizations have become more reliant on cloud services and remote work, unfortunately this risk has only grown.”
There are several measures that can be adopted to minimise the risk from the disgruntled employee, as O’Connor elucidates: “Luckily, today we have robust identity and access management controls to mitigate these insider risks. This includes automating the process of disabling accounts across all apps and services when an employee leaves the company. Leveraging technologies like two-factor authentication and certificate-based authentication can also help prevent unauthorized access — even if login credentials are compromised.”
The expert expands on the defensive tactics further: “ Additionally, maintaining comprehensive, air-gapped backups of critical data is essential – this provides a secure fallback in case malicious insiders do manage to delete or encrypt production data.”
Circling back to the current focus of business communication in relation to these ever-present risks, O’Connor notes: “During National Insider Threat Awareness Month, the key message for organizations is to take a hard look at their security practices around employee offboarding and data protection.”
Be ready for the incursion, is O’Connor’s advice, as he states: “It’s not a matter of if, but when, an insider threat incident will occur. Companies can significantly reduce the risk and impact of these threats by proactively implementing the right people, processes, and of course technologies. Bottom line — protecting against malicious insiders should be a top cybersecurity priority all year round.”