September Is Insider Threat Awareness Month
The new month ushers in the end of summer and security awareness.
September is not only when we bid goodbye to summer, but it's also National Insider Threat Awareness Month.
National Insider Threat Awareness Month was launched in 2019 by the National Counterintelligence and Security Center (NCSC), alongside the National Insider Threat Task Force (NITTF) and other U.S. government agencies. Many organizations now also recognize the importance of insider threat awareness.
The NCSC and the NITTF are holding a series of events throughout the month. Many of these events focus on technology – including how social media and artificial intelligence could stoke mass shootings, and how online gaming platforms can be used to leak classified information and serve as a vehicle for other security risks.
Here’s what some security experts are saying about insider threat awareness:
“One of the most significant insider threats facing organizations today is the challenge of properly managing employee exits and access revocation,” said Larry O’Connor, CEO and founder, Other World Computing, in a statement. “Even weeks or months after departure, it is all too common for exiting employees to still have lingering access to company systems and data. From there, malicious insiders can then steal sensitive data or sabotage critical systems rather easily by exploiting these oversights. And, as organizations have become more reliant on cloud services and remote work, unfortunately this risk has only grown.
“Luckily, today we have robust identity and access management controls to mitigate these insider risks. This includes automating the process of disabling accounts across all apps and services when an employee leaves the company. Leveraging technologies like two-factor authentication and certificate-based authentication can also help prevent unauthorized access -- even if login credentials are compromised. Additionally, maintaining comprehensive, air-gapped backups of critical data is essential - this provides a secure fallback in case malicious insiders do manage to delete or encrypt production data.”
"National Insider Threat Awareness Month is a crucial reminder not to underestimate the significance of risks from within -- regardless of whether they are malicious or a result of negligence. For a clearer picture of just how significant, the 2023 Cost of Insider Risks Global Report by the Ponemon Institute revealed that in 2023, the average annual cost of an insider risk rose to $16.2 million per organization, while the average time to contain an incident extended to 86 days, compared to $15.4 million and 85 days in 2022," said Carl D’Halluin, CTO, Datadobi.
“Some might be surprised to learn that it is, in fact, unstructured data that is the most vulnerable due to it being the predominant data type (80% of data). It is the most difficult to manage, secure, and protect, and it often contains valuable and sensitive information making it rather attractive to those that wish to exploit it for personal gain or corporate sabotage.”
And DeeDee Kato, vice president of corporate marketing at Foxit, weighed in with: "I think it’s time to shine a light on the importance of robust document security measures – especially when it comes to the often-overlooked PDF.
"Whether you are a government agency, a business, a healthcare provider, a financial institution – it is a safe bet that highly sensitive information is contained within your PDF docs. However, it is important to know that not all PDFs are created equal – especially when it comes to providing protection against internal threats, or external for that matter ... you should start off by choosing a solution that doesn’t skimp when it comes to robust protection features – like encryption, digital signatures, and redaction tools."
"Next on the checklist should be advanced permission settings to control actions such as printing and editing. And let's not forget that it should integrate with Microsoft OneDrive, SharePoint, etc. to protect your documents, data, and personal information, as well as include watermarking to deter unauthorized distribution. Audit trails and tracking capabilities are two more features that will take your data protection and security to the next level – enabling you to monitor access and modifications, and comply with those all-important data protection regulations," Kato added.