Mitigating Insider Threats - a Technical Perspective
Brian Contos
Field CISO @ Mitiga | Serial Entrepreneur | Board Advisor | Investor | Author
After people and process, another way to combat the insider threat is from a technology perspective and look at the various devices that can be leveraged to reduce this threat.
Insiders are tricky because they represent a demographic that is largely trusted; employees have presumably been vetted and gone through the HR process; they have been interviewed by managers and potential colleagues to assess their knowledge and capabilities; and if to be engaged in work in support of the government, have obtained some level of clearance for access to classified information, networks, and systems. The incidents with Chelsea Manning and Edward Snowden have revealed just how damaging an insider can be in obtaining and making public highly sensitive information.
Data leakage is but one possible consequence resulting from the efforts of these individuals. Data and network destruction, disruption, and data manipulation are all possible alternatives depending on the level of malicious intent. Given the recent events involving the use of ransomware to encrypt hospital networks, it’s easy to see how direct access to networks could enable hostile insiders to inserting this type of malware into a network and holding it for considerable ransom.
Federal Sales Manager/FSO at Thinklogical, A Belden Brand
8 年Couldn't agree more with your statement Brian: "Best practices toward mitigating data loss is to protect information at its source." Mitigate the threat with Thinklogical.