User education is also important. Employees should be educated to ensure everyone is aware of the significance of data security and the role they play in protecting the organisation's data. For instance, employees should learn to think of disposing of information assets the way they think of disposing of biohazards. Proper treatment should be implemented to ensure that devices such as USB drives are sanitised. In this case, any disposal of information assets should be coordinated by the IT department.
How should a company mitigate the risks posed by insider threats? Is it enough to have cyber security technologies, policies and procedures in place?
Most companies focus on the prevention aspects and usually have some cyber security technologies, policies and procedures in place. What is often lacking are the detection and response aspects of cyber security. It is important to monitor what is happening and be able to respond quickly to adverse events or breaches of policy. For example, they should have monitoring systems and incident response plans in place. Detection is often more effective than prevention technologies when it comes to protecting against insiders because insiders need to be authorised to access data. Knowing their activities are being monitored can create a strong deterrent.
Organisations should also identify what data is most important to them and focus their security efforts around that data. For example, the critical data might be payment card data, customer personal data, company intellectual property, financial data, or corporate plans and strategy.
More often than not, organisations are spending resources on threats that they are concerned about but not the most crucial ones for their industry. Based on the DBIR's findings, this would appear to be a misdirected effort. On average, 72 per cent of security incidents in any given industry are covered by three basic attack patterns that vary from industry to industry.
The key to mitigating security risks is for organisations to understand their threat profile and environment in order to come up with more targeted security solutions.