September 2021 is being marked, by IT professionals at least, in the U.S. as National Insider Threat Awareness Month. The theme for 2021 is “Insider Threat and Cultural Awareness.” The recommendation is to promote awareness and understanding of cultural differences within the workforce, and through this helping employees to avoid social missteps and prevent the type of unintentional harm that can lead to increased risk of insider threats.
To discover more about the reason for marking out an entire month for all things cybersecurity, Digital Journal sought the opinion of Anurag Kahol, who is the CTO and Cofounder of Bitglass.
Kahol begins by explaining that all too often an IT security policy is focused on external threats. However, it also makes good sense to direct attention within. He explains: “While many companies focus on ransomware and malware as top cybersecurity risks, insider threats should also be top of mind – whether there is malicious intent or well-intentioned employees who simply make costly mistakes.”
To put this into context, Kahol finds that “61 percent of organizations reported experiencing at least one insider attack last year.” This relates to a survey of IT professionals conducted by Bitglass.
This is something that is set to expand. According to Kahol: “As companies move toward a hybrid work model, IT teams will be challenged with safeguarding sensitive corporate data from insider threats both in the cloud and on-premises. This further validates the need for complete visibility and control across the hybrid IT ecosystem.”
In terms of the systems and approaches that companies should be adopting to stem the tide of insider threats, Kahol recommends: “To proactively detect and mitigate insider threats, organizations must follow best practices in cybersecurity, information governance and employee training.”
Kahol also suggests that firms adopt: “Multi-faceted security platforms that are designed to monitor user behavior, secure personal devices and prevent data leakage on any interaction are essential for defending against insider threats.”
Kahol concludes his analysis, summing up the importance of being proactive: “By taking a vigilant approach to security, enterprises can confidently ensure sensitive company, employee and customer data is granularly secure.”