Fighting insider threats is tricky but essential work

2024-01-25 06:00

Spotting insider threats can be more challenging for a simple reason: insiders already have legitimate access - whether limited or full - to an organization's network, systems, or other assets.

"Identifying insider threats is not a binary process. Insiders can be malicious, lack the skills to do their jobs properly, or be victims of coercion. Thus, it is important to understand the different types of insider threats and the vectors that are most applicable to your organization," Mandiant researchers recently noted.

Unintentional and negligent insiders can pose an insider threat by not being adequately instructed or trained, and even by not having enough knowledge about the technology they are using and about the implementation of necessary protections.

Third-party partners, such as contractors and vendors, can also be an insider threat as they often have some access permissions to an organization's systems and networks to perform their job.

Organization must take certain steps to protect themselves from insider threats.

To help organizations better understand insider threats and build an appropriate protection plan, CISA has published an Insider Threat Mitigation Guide, which can guide you through the process of building an insider threat mitigation program and help you detect, identify, assess and manage insider threats.

News URL

https://www.helpnetsecurity.com/2024/01/25/external-internal-threats/

#threat