ITMG Insider Threat News – January 26, 2022

Three Recent Events Prove the Need for an Insider Risk Playbook

Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. The other side of the human factor are the malevolent individuals who opt to break trust and willingly push aside their NDAs and in-place IT data handling processes and procedures to knowingly abscond with sensitive data.

Plurilock Seeks Patent for Behavioral Biometrics Profiling to Fight Insider Threats

Plurilock has submitted a non-provisional patent application with the United States Patent and Trademark Office (USPTO) for a new forensic attribution technology based on its behavioral biometrics.

The application document for ‘Forensics Analysis for Malicious Insider Attack Attribution based on Activity Monitoring and Behavioral Biometrics Profiling’ describes how Plurilock’s forensic attribution technology can be used in conjunction with the company’s continuous authentication solution DEFEND.

Teachable Moment: An Insider Threat on Your Team

No manager or executive wants to receive a phone call informing them that a team member has engaged in suspicious activities that require a security investigation. But that’s just what happened to Code42’s vice president of portfolio strategy and product marketing, Mark Wojtasiak. Code42’s internal instance of its insider risk management toolbox discovered a member of Wojtasiak’s team, who had recently given notice, had downloaded inside information to an unauthorized device.

What CISOs can Learn About Insider Threats from Iran’s Human Espionage Tactics

Over the last few months, there has been an uptick of espionage revelations concerning Iran and its interest in collecting information against regional adversaries as well as Iranian ex-pats whose views are divergent to those of the current regime. It is important for CISOs to understand the human side to the Iranian offensive efforts to gather information of interest.

Insider Threats: How to Combat Workplace Disinformation

Whether due to mistakes or planned attacks, insider threats cost organizations millions. A Ponemon Institute survey found that insider threats grew by 47% from 2018 to 2020. The cost of insider threat events also increased by 31% from $8.76 to $11.45 million during the same time period. And they estimate organizations spend on average $644,852 to recover from an insider threat incident, regardless of the source.

You’re Not Paranoid – Not Preparing for Insider Threats Puts Your Data at Risk

Statistics about insider threats have a way of shattering our rosy-colored glasses about employee loyalty. A whopping 94% of organizations experienced an insider breach in the last 12 months. Of those, human error caused the vast majority of breaches (84%). But fully 66% of those that weren’t caused by error originated from a malicious leak. That’s especially concerning since only 28% of IT pros reported being most concerned about “intentionally malicious behavior” as the type of behavior to cause an insider breach. And somewhat surprisingly, 23% of employees surveyed think it’s perfectly within their rights to take company data with them to a new job.

Discover more from ITMG

Subscribe now to keep reading and get access to the full archive.

Continue reading