In the situation above with the implementation of the proper controls and technologies, specifically, the use of behavioral and advanced analytics, patterns and connections, could have identified the unusual behavior on the system. Once identified, incident response is vital. The launch of a forensic investigation will lead to the identification of the source. Regardless of whether the culprit was an insider or the mirage of one, a robust insider controls identified a problem, and therefore, could have saved the organization from the incident.
The time has come to revisit the security strategy surrounding insider threat. According to the Intelligence and National Security Alliance, "a robust insider threat program integrates and analyzes technical and nontechnical indicators to provide a holistic view of an organizations insider threat risk from individuals identified as potential threat." We have the responsibility to protect our organizations and their most prized resources. Just as other security initiatives are vital to defending your assets and information, security leaders are called to acknowledge this problem under their jurisdiction and implement the required resources, personnel and technologies to moderate the risk of an insider attack. The implementation of a strong insider threat security program will support the overall security of your organization.
So, start turning that security strategy inside out.
Sign up for MIS Asia eNewsletters.