The Psychology of Insider Risk Management


In the second episode of Conversations from the Inside: The Psychology of Insider Risk Management: Time and Place Matters, renowned intelligence and security expert Christopher Burgess sat down with MITRE’s Chief Scientist for Insider Threat Research & Solutions and Senior Principal Behavioral Scientist for Insider Threat, Dr. Deanna Caputo, to discuss the role of human behavior and psychology in insider risk management.


In this blog post, we’ll explore some key takeaways from the discussion.





Leveraging Behavioral Sciences: Patterns of Behavior are Key


When monitoring human behavior, organizations often look for a personality trait or even a disorder to indicate an individual shouldn’t be hired or trusted. However, no data indicates specific personality types can explain insider threat activities.


For today’s digital and distributed enterprise, successful insider risk management (IRM) requires visibility into insiders’ past behavior patterns to help organizations anticipate and mitigate future risks.


IRM programs need to focus less on an individual’s internal motivations and more on the types of behaviors that security teams will see. For example, what does ‘normal’ or ‘baseline’ behavior look like to you in your program? What does it look like for your colleagues? A root cause isn’t something you can measure with certainty, which is what makes understanding the behaviors that manifest so integral to mitigating insider risks before an incident occurs.


Focusing on patterns of behaviors enables security teams to gain insight into how employees do their ..
