Agencies and private-sector companies invest considerable resources defending themselves against external cyber threats, but insider threats pose just as great a threat to these organizations if they don’t have a strategy in place to defend against them.
In response to this threat, Brian Harrell, the assistant director for infrastructure security at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said the agency expects to release an insider threat guidebook for the private sector next month.
“There’s no doubt in my mind that today we have individuals at work within our organizations that have the institutional knowledge as to how to bring us to our knees,” Harrell said at CISA’s Cyber Summit last month.
While DHS will soon roll out this insider threat roadmap for industry, security experts have said major organizations should already have an insider threat plan in place.
Randy Trzeciak, the director of the Insider Threat Center at Carnegie Mellon University’s Software Engineering Institute, said an agency or industry insider threat program should start with identifying an organization’s critical assets – in other words, identifying what technologies, facilities and people need the most protection.
Drilling down into those details, organizations can assign different levels of risk to traditional full-time employees, part-time employees, subcontractors, trusted business partners, cloud service providers, supply chain providers and other entities with authorized access to critical assets.
“You have insiders that have been granted authorized access, and your goal should be to prevent, detect, and to respond as efficiently as possible to insider threats to those critical assets,” Trzeciak said.
Mark Weatherford, a global information security strategist for Booking Holdings, said identity management plays a key role in curbing insider threats, and allows organizations to ..
Support the originator by clicking the read the rest link below.
