Are we protecting ourselves against insider threats?
Insider threats are commonly thought of as one of the most difficult threats to defend against. With the growing use of contractors, freelancers, and temporary employees throughout an enterprise, defending against potential internal threats seems next to impossible. In 2013, the FBI estimated malicious insider threat attacks cost approximately $412,000 per incident.1
Although there is no single solution for defending against insider threats, experts recommend a multi-pronged approach that involves action from several members of leadership. Talent acquisition should focus on strong background checks on all employees and contractors, and human relations can help catch red flags stemming from irregular employee behaviour (such as missed work or bragging about potential damage they could do).2 CFOs and CTOs can discuss the possibility of implementing security behavioural monitoring tools to identify instances when any employees access files they have no relation to, files or information is saved to an external location, or employee logins happen at irregular times.
Fortunately, if suspicion of internal threats does arise, solutions like Microsoft Data Loss Prevention (DLP) rolled into OneDrive for Business, SharePoint Online, Exchange, and Office 2016, will enable your IT administrators to protect against data loss without stretching their compliance budgets.
Administrators will receive notifications if confidential information is being exchanged, and they have the opportunity to recall data and access from certain employees. Additionally, with DLP, administrators can review incident data and generate incident reports to see exactly where information may have been leaked.
1 Fred Donovan, FierceITSecurity: Is the person sitting next to you a malicious insider?
2 George Silowash, Software Engineering Institute: Common Sense Guide to Mitigating Insider Threats: 4th Edition