Three Recent Events Prove the Need for an Insider Risk Playbook
Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. The other side of the human factor are the malevolent individuals who opt to break trust and willingly push aside their NDAs and in-place IT data handling processes and procedures to knowingly abscond with sensitive data.
Plurilock Seeks Patent for Behavioral Biometrics Profiling to Fight Insider Threats
Plurilock has submitted a non-provisional patent application with the United States Patent and Trademark Office (USPTO) for a new forensic attribution technology based on its behavioral biometrics.
The application document for ‘Forensics Analysis for Malicious Insider Attack Attribution based on Activity Monitoring and Behavioral Biometrics Profiling’ describes how Plurilock’s forensic attribution technology can be used in conjunction with the company’s continuous authentication solution DEFEND.
Teachable Moment: An Insider Threat on Your Team
No manager or executive wants to receive a phone call informing them that a team member has engaged in suspicious activities that require a security investigation. But that’s just what happened to Code42’s vice president of portfolio strategy and product marketing, Mark Wojtasiak. Code42’s internal instance of its insider risk management toolbox discovered a member of Wojtasiak’s team, who had recently given notice, had downloaded inside information to an unauthorized device.
What CISOs can Learn About Insider Threats from Iran’s Human Espionage Tactics
Over the last few months, there has been an uptick of espionage revelations concerning Iran and its interest in collecting information against regional adversaries as well as Iranian ex-pats whose views are divergent to those of the current regime. It is important for CISOs to understand the human side to the Iranian offensive efforts to gather information of interest.
Insider Threats: How to Combat Workplace Disinformation
Whether due to mistakes or planned attacks, insider threats cost organizations millions. A Ponemon Institute survey found that insider threats grew by 47% from 2018 to 2020. The cost of insider threat events also increased by 31% from $8.76 to $11.45 million during the same time period. And they estimate organizations spend on average $644,852 to recover from an insider threat incident, regardless of the source.
You’re Not Paranoid – Not Preparing for Insider Threats Puts Your Data at Risk
Statistics about insider threats have a way of shattering our rosy-colored glasses about employee loyalty. A whopping 94% of organizations experienced an insider breach in the last 12 months. Of those, human error caused the vast majority of breaches (84%). But fully 66% of those that weren’t caused by error originated from a malicious leak. That’s especially concerning since only 28% of IT pros reported being most concerned about “intentionally malicious behavior” as the type of behavior to cause an insider breach. And somewhat surprisingly, 23% of employees surveyed think it’s perfectly within their rights to take company data with them to a new job.