gurucul.com
Open in
urlscan Pro
192.124.249.53
Public Scan
URL:
https://gurucul.com/news/16-smart-steps-toward-building-a-robust-insider-threat-program
Submission: On November 23 via api from US — Scanned from DE
Submission: On November 23 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
GET https://gurucul.com/
<form role="search" method="get" class="ubermenu-searchform" action="https://gurucul.com/">
<label for="ubermenu-search-field">
<span class="ubermenu-sr-only">Search</span>
</label>
<input type="text" placeholder="Search..." value="" name="s" class="ubermenu-search-input ubermenu-search-input-autofocus" id="ubermenu-search-field" autocomplete="on">
<button type="submit" class="ubermenu-search-submit">
<i class="fas fa-search" title="Search" aria-hidden="true"></i>
<span class="ubermenu-sr-only">Search</span>
</button>
</form>Text Content
Request a Demo
Primary Menu
* SECURITY
* PLATFORM
* Gurucul Risk Analytics (GRA)
* – Real-time Behavior Analytics
* – Actionable, Prioritized Risk Intelligence
* – Customizable Machine Learning Models
* SOLUTIONS
* Cloud Security Analytics
* Insider Threat
* Medical Device Discovery & Monitoring
* MITRE ATT&CK Analytics
* Zero Trust Security
* Securing Data with a Remote Workforce
* Remote Third Party Workforce Service
* PRODUCTS
* Gurucul Analytics-Driven SIEM
* Gurucul UEBA
* Gurucul XDR
* Risk-Driven-SOAR
* Gurucul Security Data Lake
* Gurucul ML-Based NTA
* Powered by Gurucul Risk Analytics
* IDENTITY
* PRODUCTS
* Identity Analytics
* SOLUTIONS
* Privileged Access Intelligence
* Risky Account Discovery & Cleanup
* Risk Based Access Certifications
* Risk Based Authentication
* Dynamic Access & Role Modeling
* SoD Intelligence
* Discover & Manage Access Risks in This Global Pandemic
* Powered by Gurucul Risk Analytics
* FRAUD
* PRODUCTS
* Fraud Analytics
* SOLUTIONS
* Account Takeover & Login Fraud
* Anti-Money Laundering (AML)
* Call Center Fraud
* Credit Card Fraud
* Insider Fraud
* Mobile Fraud
* Payment Fraud
* Transaction Fraud
* Regulatory Compliance
* Gurucul Named An Overall Leader in KuppingerCole Leadership Compass Report
for Fraud Reduction Intelligence Platforms
* Powered by Gurucul Risk Analytics
* SERVICES
* SERVICES
* Gurucul Labs
* Gurucul SaaS
* Professional Services
* Support Services
* Training
* Support Portal
* RESOURCES
* MEDIA
* Blog
* Newsroom
* Videos
* Case Studies
* Datasheets
* Whitepapers and Reports
* Webinars
* Borderless Behavior Analytics
* Post Archives
* INDUSTRIES
* Financial Services
* Healthcare
* Federal
* COMPANY
* COMPANY
* About Gurucul
* Why Gurucul
* Board of Advisors
* Leadership
* Events
* Awards
* Careers
* Contact Us
* PARTNERS
* Technology
* MSSPs and Resellers
* Deal Registration
* Recognized for Best Behaviour Analytics/Enterprise Threat Detection
* Search Search
16 SMART STEPS TOWARD BUILDING A ROBUST INSIDER THREAT PROGRAM
Free Services to help you during COVID-19 Learn More
Support Request a Demo Contact Us Blog
By Admin November 22, 2021
Expert Panel | Forbes.com »
Hackers on the outside aren’t the only cybersecurity concern companies need to
worry about these days: Insider threats present a growing issue that businesses
must address. According to a study by Ponemon Institute, the average global cost
of insider threats in 2020 was $11.45 million—a 31% jump from 2018. Insider
threats encompass both intentional and accidental acts, so it’s essential for
companies to develop a holistic approach that combines enhanced security
measures with education.
The smallest of cracks can lead to devastating consequences for a company, so
it’s important to carefully consider all potential risk vectors when creating an
insider threat program. To help, 16 industry experts from Forbes Technology
Council have shared essential steps companies should take to build a truly
robust insider threat program.
1. START WITH A CARING CULTURE
Security starts with culture. This means talking about security openly and
often, leaning in and investing to show your employees you care through
training, SOC II investments and more. As team members leave the company, they
need to stay connected. This can mean they retain a portion of the company or
stay informed and included through e-news updates and alumni events. – Saikat
Dey, Guardhat Inc.
2. IMPLEMENT ZERO TRUST
The move beyond the company perimeter brought about by remote working, along
with the increase in data breaches, renders the concept of trust extinct. That’s
why businesses must implement zero trust, built on the principle of “never
trust, always verify.” Implemented along with encryption to protect data at the
source, zero trust will ensure that access to your organization’s data is
continually verified. – Alex Cresswell, Thales Group
3. GET BUY-IN FROM ALL DEPARTMENTS
Getting stakeholder buy-in from all departments across the organization is
critical. When organizations are building an insider threat program, the HR and
legal departments are often overlooked, yet they provide some of the most
critical context. Safely monitoring employee behaviors starts with deciding what
user data should be collected and how that data should be analyzed to detect
risky anomalies in real time. – Saryu Nayyar, Gurucul
4. Approach Risk Management As A Strategic Opportunity
Historically, risk management has been viewed as necessary, but not integral, to
a business’ operations. We need to think about risk management differently,
treating it as a strategic opportunity to deliver bottom-line benefits. Taking a
holistic approach involving the entire organization in identifying and assessing
insider threats will help improve decision making and better protect assets over
the long term. – Matt Kunkel, LogicGate
5. Pair Access Control With Monitoring And Detection
Security by design is the key here. An organization needs to have robust access
control management along with enhanced monitoring and detection techniques in
place. Applying the principles of least privileged access and separation of
duties is very critical to prevent insider threats. Complement these strategies
with privileged access management methods. – Lalit Ahluwalia, Wipro Limited
6. Inspect Outgoing Data
Get back to basics: Back in the day, you couldn’t leave the office without a
security guard checking your briefcase. A comparable technique in the virtual
world is to inspect outgoing data and messages for any suspicious content.
– Arie Brish, cxo360
7. Monitor Your Most-Used Applications
Don’t overthink it. Most solutions on the market drive you down a path of
overcomplicating the problem. Dip your toe in the water by monitoring activity
around the main applications your workforce uses daily, such as G Suite,
Microsoft 365 and Salesforce. This is the best proxy you’ll find to figure out
who is really who, who is being careless, and/or who is the real threat. – Grant
Wernick, Fletch
8. Automate Event Analysis
Start looking at AI-powered threat-prevention solutions. The volume of threats
is just too large for any cybersecurity team to detect, prevent and respond to.
With AI solutions, much of the work of event analysis is automated, easing the
burden on cybersecurity teams and complementing their work to secure an
organization’s data and infrastructures—especially their rapidly growing cloud
infrastructures. – Juliette Rizkallah, A Cloud Guru
9. Set Up Role-Based Access Control
Role-based access control is the best defense against insider threats. It
ensures individuals are not erroneously allowed access to escalated privileges.
If an organization isn’t maintaining appropriate levels of critical system
access—especially as distributed workplaces and the “bring your own device”
culture become the norm—the threat of insider attacks will only continue to
grow. – Brian Spanswick, Cohesity
10. Carefully Steward Your Data
Know your data. Audit it, sample it and inventory it on a continuing basis. Seek
to deeply understand its creation/collection “origin story,” its sharing and
collaboration profile, its relative sensitivity, who uses it and how, and who
it’s shared with internally and externally. Know what its useful lifetime is and
how best to decommission/destroy it when it’s no longer needed. – Sean
Steele, Infolock
11. Record All IT Activity On Your Network
Just as security cameras inside buildings continuously record entrances and
departures, companies must continuously record all of the IT activity on their
network. Proven to reduce insider threats, network detection and response
systems can record a year’s worth of activity using limited storage. These
systems use artificial intelligence and machine learning to provide real-time
surveillance without storing any personal information. – Patrick
Ostiguy, Accedian
12. Map Your Data And Watch For Risky Behaviors
Map your company’s data, identifying all entry and exit points and all the
employees, contractors and third parties who have access to it. From there, it
comes down to training and monitoring. Reinforce existing policies—especially
for employees who consistently break the rules or make mistakes—and diligently
watch for the warning signs that indicate risky employee behaviors. – Edward
Bishop, Tessian
13. Build An Auditable System That Logs User Actions
One essential step is building an auditable event logging solution surrounding
your critical data and systems. The ability to track a user’s actions is of
paramount importance; however, this will only ever be effective if the control
and approval of users’ accounts and privileges follows a robust and auditable
process. – Eoin Keary, Edgescan
14. Provide Ongoing Training For Those On The Front Lines
The most important step is to educate and train the individuals in your
organization who face risk. Cybercriminals evolve their attacks, and employees
need awareness training to help them know how to spot scams and attacks. Most
employees are on the front lines; the more aware they are, the better off an
insider threat program will be. Protecting against threats involves everyone
taking a role in defense. – Michael Xie, Fortinet
15. Encourage Questions
Create an open culture where everyone is encouraged to learn and ask questions
freely and without consequences. This allows you to educate your teammates to
prevent insider threats. It also allows you to address them effectively when
they occur. That is how you build a robust insider threat program. – Olga V.
Mack, Parley Pro
16. Provide Support For Your Team Members
In our organization, every programmer has a mentor. They’re also engaged in
regular one-on-ones to talk about life, family and other non-job-performance
issues. Dehumanization goes hand in hand with hacking. – Meagan
Bowman, STOPWATCH
External Link: 16 Smart Steps Toward Building A Robust Insider Threat Program
Share this page:
LinkedInFacebookTwitterShare
Data ProtectionInsider ThreatThreat DetectionThreat Intelligence
RELATED POSTS
Why IT pros fear employee error, not hackers, will cause the most breaches
IT pros are more concerned with user error and malicious insiders than
compromised accounts, according…
11 Apr 2019
Cloud Security Practices Playing Into Hands of Attackers
Richard Adhikari | Technewsworld.com More than 80 percent of 650 cybersecurity
and IT professionals surveyed…
22 Jan 2021
How science can fight insider threats
Malicious insiders pose the biggest cybersecurity threat for companies today
because they can cause the…
25 Oct 2018
MSPs Caught Between the Risks and Rewards of Protecting Customers
Managed service players are seen by some customers as the weak link but have
the…
20 Sep 2019
The Enemy Within: How Insider Threats Are Changing
Becky Bracken | threatpost.com » Insider-threat security experts unravel the new
normal during this time…
13 Jul 2020
Insider Threats Are on the Rise and Growing More Costly. You Need the Right
Tools to Detect Them
A recent report on cybersecurity spending says that companies have been raising
their budgets in…
19 Jan 2021
Fujifilm becomes latest ransomware victim as White House urges business leaders
to take action
Jonathan Greig | ZDnet.com » The National Security Council’s top cyber official,
Anne Neuberger, released…
07 Jun 2021
One in 10 IT Pros Would Steal Data if Leaving a Job
www.infosecurity-magazine.com | Kacy Zurkus, News Writer A survey of 320 IT
experts conducted by Gurucul…
08 Jul 2019
Gurucul Experts Present on Thwarting Insider Threats at 2021 Counter-Insider
Threat Symposium, AFCEA TechNet Cyber 2021
LOS ANGELES – (BUSINESS WIRE) – October 15, 2021 – Gurucul, in Unified Security
and…
15 Oct 2021
1 in 10 tech employees plan to steal company information before leaving a job
Insider threats are more difficult to detect and prevent than external attacks,
and are a…
03 Jul 2019
Cheater, Cheater: Dishonest Workplace Behavior Is a Complicated Phenomenon
Garett Seivold | Loss Prevention Magazine For those charged with protecting
company assets, a couple of…
15 Oct 2019
Businesses Change Tactics to Protect Against Third Party Security Risk
Recent research carried out by Gurucul, a security and fraud analytics
provider, has uncovered 74% of…
27 Sep 2019
Insider Threat and Activity Monitoring
www.professionalsecurity.co.uk Most, 62 per cent of people would not be
deterred from taking a…
23 Jul 2019
US Mental Health Provider Email Breach-Experts Reaction
Security Experts | Informationsecuritybuzz.com People Incorporated Mental Health
Services disclosed that an email security data breach exposed sensitive patient
records and financial…
16 Nov 2020
Twitch breached.
CyberWire staff | thecyberwire.com » Twitch, the video live-streamng service
that focuses on serving gamers,…
08 Oct 2021
* Products
* Solutions
Gurucul Analytics-Driven SIEM
Cost Efficient Cloud Native SIEM
Gurucul User & Entity Behavior Analytics
Continuous Anomaly Detection & Remediation
Gurucul XDR
Augmented Threat Detection & Faster Incident Response
Gurucul Identity Analytics
Real-Time Access Control Automation Using Risk & Intelligence
Gurucul Fraud Analytics
Holistic Cross-Channel Fraud Detection & Prevention
Insider Threat
Stop Insider Threats, Account Hijacking & Data Exfiltration
Zero Trust Security
Implement Zero Trust Controls with Risk Based Context
MITRE ATT&CK Informed Security Analytics
Automate Machine Learning Based Threat Detection and Response for MITRE ATT&CK
Framework
Risk Based Access Certifications
Reduce Rubber-stamping, Time Spent and Overall Risk Through Outlier
Certification
Risk Based Authentication
Empower Digital Transformation with a Frictionless User Experience
RECENT POSTS
* Build Versus Buy: Can You Build Your Own SIEM?
* 16 Smart Steps Toward Building A Robust Insider Threat Program
* Study – Most Online Shoppers Remain With Retailer After A Breach, Experts
Weigh In
* Famous Insider Threat Cases
* How Retailers Can Secure Themselves for the Holiday Rush
SECURITY
* Gurucul Risk Analytics (GRA)
* Gurucul Analytics-Driven SIEM
* Gurucul UEBA
* Gurucul XDR
* Risk-Driven SOAR
* Gurucul Security Data Lake
* Gurucul ML-Based NTA
* Cloud Security Analytics
* Insider Threat
* Medical Device Discovery & Monitoring
* MITRE ATT&CK Analytics
* Zero Trust Security
IDENTITY
* Identity Analytics
* Privileged Access Intelligence
* Risky Account Discovery & Cleanup
* Risk Based Access Certifications
* Risk Based Authentication
* Dynamic Access & Role Modeling
* SoD Intelligence
FRAUD
* Fraud Analytics
* Account Takeover & Login Fraud
* Anti-Money Laundering
* Call Center Fraud
* Credit Card Fraud
* Insider Fraud
* Mobile Fraud
* Payment Fraud
* Transaction Fraud
* Regulatory Compliance
ABOUT US
* Company
* Contact Us
* Leadership
* Board of Advisors
* Blog
* Press Releases
* News
* Careers
* Business Continuity
* Glossary
* Privacy Policy
© 2021 GURUCUL
LinkedInFacebookTwitterShare
✓
Thanks for sharing!
AddToAny
More…
×
We Value Your Privacy
Settings
NextRoll, Inc. ("NextRoll") and our advertising partners use cookies and similar
technologies on this site and use personal data (e.g., your IP address). If you
consent, the cookies, device identifiers, or other information can be stored or
accessed on your device for the purposes described below. You can click "Allow
All" or "Decline All" or click Settings above to customize your consent.
NextRoll and our advertising partners process personal data to: ● Store and/or
access information on a device; ● Create a personalized content profile; ●
Select personalised content; ● Personalized ads, ad measurement and audience
insights; ● Product development. For some of the purposes above, our advertising
partners: ● Use precise geolocation data. Some of our partners rely on their
legitimate business interests to process personal data. View our advertising
partners if you wish to provide or deny consent for specific partners, review
the purposes each partner believes they have a legitimate interest for, and
object to such processing.
If you select Decline All, you will still be able to view content on this site
and you will still receive advertising, but the advertising will not be tailored
for you. You may change your setting whenever you see the on this site.
Decline All
Allow All