Top 5 Technologies for Mitigating Insider Threats

Introduction

The insider threat has been considered one of the most formidable threats within organizations in recent years. Rogue and disgruntled employees getting their hands on sensitive information have led to significant losses for many organizations. Some employees may also unknowingly or unintentionally cause disruptions at the workplace that affect normal day-to-day operations.

In this article, we discuss the insider threat and how certain actions at the workplace might lead to information compromise. We’ll discuss the top technologies that can be implemented to mitigate such threats and conclude with best practices for handling insider threats.

What is an Insider Threat?

An insider threat is an entity within the organization that has authorized access to the organization’s systems and functions but has malicious intent. Such an insider can compromise sensitive information that should not be disclosed, and thus damage the organization.

Insider threats may be employees, third-party vendors, contractors and even partners. They are normally interested in intellectual property, client information, financial information, marketing information and national security information. This is a threat that, if not adequately addressed, can cripple the entire organization. It is therefore important to determine the challenges that organizations encounter while dealing with this threat.

What Are the Challenges of Insider Threats?

Insider threats have a few characteristics that make them stand out from the common external threats. The common features of insider threats include:

  • Difficult to detect. Many external threats can be detected, but analyzing behavior and determining what is acceptable and unacceptable within the organization is one of the most complicated things to do. For example, hundreds of thousands (if not millions) of transactions taking place within the organization will require monitoring. The question becomes “How do you assess (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Lester Obbayi. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/a34kywfWR2k/