Over the past two years, IT and cybersecurity teams have faced the challenge of protecting data while employees work almost exclusively outside the protection of corporate networks. So, it was especially fitting that this year’s National Insider Threat Awareness Month (NITAM) theme was ‘Critical Thinking for Digital Spaces.’ Despite its ... Read More

We have written before about the Great Resignation and the risk of people taking sensitive data to their new employers. People reassessing their priorities and opportunities as the pandemic eased coincided with a surge of available opportunities. The temptation to steal intellectual property that might help in new organizations was ... Read More

There’s been a lot of misconception about the quiet quitting movement since Zaid Khan, a 24-year-old engineer from New York, posted his video, which now has nearly half a million likes. In its initial incarnation, quiet quitting was not so much about a work slowdown as it was an argument for ... Read More

It is increasingly simple and common for employees to download and use cloud-based applications for work-related purposes, known as Bring Your Own Applications (BYOA). These may include apps for cloud storage and sharing, collaboration, chat, research, and other functions. While many may be legitimate, they also represent a new source ... Read More

Many organizations have a variety of tools that they spend time researching, vetting, being trained on, and then never using again. Nobody wants to spend tight budget dollars on “shelfware”, when, according to a recent study, software is largest IT budget item, at 39% of the average IT budget. Controlling ... Read More

In an earlier post we introduced readers to Workforce Cyber Intelligence. To recap briefly, Workforce Cyber Intelligence provides organizations with operational intelligence synthesized from an employee’s physical interactions with organizational assets (data, machines, applications, and peers), their intensity of work, and their peer engagement to be used to help reduce ... Read More

Building an engaged workforce in a work-from-anywhere environment is important to business success. As noted in other posts, an engaged workforce clearly performs better and experiences less burnout. A strong company culture can help, but when people are rarely together, building and maintaining that culture can be difficult. Measuring engagement ... Read More

Change. It’s the one constant we can all count on. And in the last few years we’ve seen more than we would have liked for sure. So, it’s no surprise the cyber security landscape hasn’t been spared, especially when it comes to the latest evolution of the endpoint vendor landscape ... Read More

Earlier today we published our 2022 Insider Risk Report, our fifth consecutive since 2017. The purpose of our reports is simple: Help business leaders, cyber security executives and practitioners, advisory and research organizations, as well as MSSP providers understand the activities, behaviors, and communications among employees, consultants, and partners that ... Read More

If the last 20+ years of cyberattacks have taught us anything, it is that humans are both an enterprise’s greatest asset and the source of highest risk. Employees, contractors, and consultants, and their digital identities, represent the ultimate risk to data, IP, and operational resiliency, yet their behaviors, activities, intent, ... Read More