Identifying and managing insider threats

No photo availableCIO Africa authorBySid Chudasama
3 min read

As the world becomes more connected, new forms of threats are arising. Insider threats are increasingly becoming complex to identify…

Insider_Threat

As the world becomes more connected, new forms of threats are arising. Insider threats are increasingly becoming complex to identify and manage.

During the upcoming regional Cloud and Security Summit in Nairobi, experts will converge to explore the level to which risks can be posed, by insider threats to the corporations.

A topic that is never left out of the corporate agenda, Insider threat is more nuanced than its external equivalent, making it difficult to manage with conventional security tools alone. An external attack typically requires an initial exploit or breach to gain access to the target network. In most cases these will trigger alerts from automated intrusion detection systems and prompt incident response teams to investigate.

Insider threats can originate from lack of awareness. For example, employees creating workarounds to technology challenges or using their own personal devices (i.e., bring your own device — BYOD) to access work emails can create new vulnerabilities within an organization’s physical security processes and IT systems

Although technology can play an important role in identifying potential insider threats, it is not just an IT issue. It takes an enterprise-wide approach — including many human elements — to plan for, prevent, detect, respond to and recover from insider threats.

Managing insider threat risk should be part of a holistic corporate security program, from both information security and physical security perspectives.

Common insider threat indicators include: Maintaining access to sensitive data after termination notice, use of unauthorized external storage devices, attempts to bypass security controls,, chronic violation of organization policies, amongst others.

Lack of awareness, expectedly is a major factor in insider threats. While some insiders seek to compromise sensitive corporate data for monetary gain or out of spite, others do so accidentally due to negligence or lack of awareness.

The chief information security officer (CISO) must be aware of these patterns to detect suspicious motives, which requires a holistic and layered approach.

Combating insider threats is an organizational issue that crosses people, processes and technology and requires a detailed understanding of the organization’s assets and security posture.

The Cloud and Security Summit hosted by CIO East Africa, The Cloud and Security summit will aim to expound on such questions, bringing to light to importance of data and its governance, its protections and how security and privacy are tipped to be the big players on the journey to cloud adoption.

The session will be bringing together IT and Cyber Security experts comprising Cyber Governance and Compliance Teams, CISOs, CIOs, CTOs and IT Architects in the public and business enterprises share experiences that’s squarely intended to debunk cyber security and myths around cloud and security.

To register, click the link below:

https://www.eventbank.com/event/east-africa-cloud-and-security-summit-20298/

 

Leave a Reply

Your email address will not be published.

Do you have a story that you think would interest our readers? Write to us editorial@cioafrica.co