SBN

How to Stop New Employees from Becoming Insider Threats

In the midst of a booming tech economy and a concurrent Great Resignation, recruitment and hiring are all-seasons imperatives. As new people constantly join the organization, how can busy security teams guarantee they will adhere to established data security practices from their onboarding and going forward?

Over the last several quarters, many job seekers have resolved to move on and look for a role change, and are doing so at unprecedented rates. As a result, many organizations are struggling to fill entry- and mid-level roles, in spite of more or less continuous recruitment and hiring campaigns. At the same time, competition for top positions is rife, with more applicants applying for the same job than ever before. The recruitment process is fast and furious, with busy recruiters and HR teams juggling prospects and conducting remote interviews across multiple stakeholders. In all cases, candidate security checks, seeking references from previous employers, conducting personality and skills assessments, and even running social media checks is an ever more time-consuming process.

Even after that rigorous process, from the perspective of security, some recruits will not pan out and may degrade your overall security posture. Whether through ignorance of internal security protocols or cloud systems, bad habits created in other organizations, or even through malicious intent, some recruits can be a liability – consciously or unconsciously – for IT security and business best practices.

Awareness and training are a vital part of any onboarding process, but how can those responsible for data security ensure that best practices are maintained? How can they offer innovative new employees a seamless “path of least resistance”, encourage productivity and visibility, and at the same time ensure that new staff won’t compromise systems or networks? Let’s face it, there are only 8,760 hours in any given year, and security support teams wear enough hats and juggle enough plates already.

A recent Forrester Research study commissioned by Imperva, “Insider Threats Drive Data Protection Improvements: Threat Detection, Analytics, and Staffing Lead Investment Priorities” revealed that in 2022, nearly half of all organizations are looking to automate this process and want to improve overall threat detection and prevention.

Almost two-thirds of businesses train employees to follow data loss prevention (DLP) policies, but less than one-third have an insider risk management policy. The study suggests this may be due to companies tending to check-box compliance rather than creating and implementing genuine and practical policies that identify real data security gaps – an approach IT security teams can not afford to take in today’s dynamic security landscape.

With only a small fraction of businesses (8%) saying they have suffered zero policy violations due to insider threat issues in the past 12 months, notably around compromised employee credentials, this is a clarion call for cybersecurity teams to examine an approach that makes best-practice security standards baseline policy across the organization, rather than relying on individuals – especially new recruits – following best practices. Teams need to foster a culture of security through default data protection. 90% of data breaches are, after all, the product of human error.

Forrester’s new study contains several stand-out recommendations for action, one being the inclusion of Data User Behavior Analytics as a key part of any robust data security practices. This automated tool accelerates remediation and minimizes false positives to ensure accurate response offers considerable benefits and ROI. Forrester Research survey respondents reported the primary positive technical benefit of automated Data User Behavior Analytics is an increase in data visibility, with data compliance a close second, and a reduced workload for busy security teams ranked as the third. These preferences are followed by improved response time and a 24/7 answer to employee-based cybersecurity threats, allowing Security Operations Center (SOC) teams to focus on other critical issues.

With each fresh crop of newly recruited employees constantly joining companies worldwide and with many of them working remotely, mitigating non-compliant, malicious, or risky data access behavior across all business databases, cloud, local, or hybrid should be a top priority. It’s vital to spot internal bad actors and negligence before they can cause damage and to correct non-compliance before it causes audit or PR failure. Having visibility into your business risks from accidental or deliberate exposure means knowing what’s happening before it’s too late.

Trust allows leaders, employees, relationships, and organizations to flourish and grow – but trust, as they say, should be earned and not given freely. Security teams can, however, be ready for newly onboarded colleagues by default and implement a de-facto data policy across the enterprise to be sure that best practices are maintained.

For other key recommendations from the “Insider Threats Drive Data Protection Improvements: Threat Detection, Analytics, and Staffing Lead Investment Priorities” study, you can download a copy of the report and its findings here.

The post How to Stop New Employees from Becoming Insider Threats appeared first on Blog.

*** This is a Security Bloggers Network syndicated blog from Blog authored by Nik Hewitt. Read the original post at: https://www.imperva.com/blog/how-to-stop-new-employees-from-becoming-insider-threats/