Building an Insider Threat Program for your Organization

By PrivSec Report2020-10-08T17:07:00

Cybersecurity measures are often focused on threats from outside an organization rather than threats posed by individuals inside an organization.

Webinar Summary: On-Demand Session

Cybersecurity measures are often focused on threats from outside an organization rather than threats posed by individuals inside an organization. According to the US Department of Homeland Security 46 percent of the most expensive cybercrimes were a result of an insider threat and almost 34 percent of insider threat cases were targeted towards collecting personally identifiable information (PII).

Having controls in place to prevent, detect, and mitigate insider threat surge and accidental data leaks is a necessity for any organization that intends to protect its business-critical data.

Yet, Gartner states that only less than 20 percent of the organizations have an insider threat program today. While it is expected to grow to 60 percent by 2023, organizations must prepare for a functional insider threat program as a core part of their holistic cybersecurity strategy.

Building a proper insider threat program requires multiple technologies including endpoint detection and response (EDR), data loss prevention (DLP),and in-depth analysis of user behavior (UBA).

Building an Insider Threat Program for your Organization

Key takeaways include:

Identifying the indicators that reveal malicious insiders and understanding common use cases that happen every second at work
Insider threat detection capabilities with User Behavior Analytics (UBA) insights added to SIEM
Best practices for building and maintaining an effective insider threat program through comprehensive visibility, real time intelligence and policy enforcement