Experts from Protegrity, Securin, Traceable, Zerto, FoxIt and Datadobi offer their unique perspective on the current state of insider threats.
Clyde Williamson, Product Management, Innovations, Protegrity
“National Insider Threat Awareness Month brings to light a major security problem that most organizations fail to address adequately. Insider threats can be intentional with malicious purpose through the abuse of authorized employee credentials, or they can be unintentional threats with access to sensitive data that, in threat actor hands, can cause harm. In both scenarios, an employee had access to clear data considered valuable to cyber attackers.
Creating a ‘Fort Knox’ level of data security isn’t achievable for most organizations, despite advanced security systems and strategies that encircle data protectively. However, oftentimes these systems are strategies that are just a ‘protective’ moat around the data, still vulnerable to human error or influence internally. To better address insider threat concerns, organizations need to implement new strategies that truly secure their data. For example, encryption and tokenization strategies that allow enforcement of strict data access controls or leave data unreadable to all but those who absolutely need the data in the clear. While human error and malicious attacks are unavoidable, organizations can put effective guardrails in place that limit the impact of such insider threat events.”
Kiran Chinnagangannagari, Co-Founder, Chief Product & Technology Officer, Securin
“Time after time, humans continue to be the most neglected and overlooked threat in what should be an airtight cybersecurity strategy. Employees, contractors, and business partners have an insider look at an organization’s operations and hold the keys to highly sensitive information and network access. Whether unintentional or malicious, these individuals can put proprietary company information at risk. Aside from the breach of data and costly consequences, there’s a more insidious loss of trust and damaged reputation that can persist long after an incident is “remediated.
In today’s AI world, language models are becoming more sophisticated, and we’re starting to see a rise in hyper-personalized phishing attempts and a growing threat of AI-powered social engineering attacks that can mimic human communication patterns with frightening accuracy. This isn’t just about better spam filters anymore – cybersecurity professionals must fundamentally rethink how we approach user education and authentication in a world where machines can convincingly impersonate trusted contacts.
To safeguard confidential data and access to networks from threats both internal and external, businesses need to find solutions that can analyze network behavior, application interactions, and user patterns to identify anomalies and potential security breaches before they escalate. Cybersecurity teams should implement passkeys and multi-factor authentication (MFA) where possible as well as update access controls to mitigate an insider threat becoming a serious liability. By also implementing clear security policies and a culture of accountability, organizations can minimize these threats as well as their impact.”
Katie Paxton-Fear, API Researcher, Traceable AI
“When imagining cybersecurity threats, chances are, you’re probably not imagining yourself. But surprisingly you are one of the biggest risks to an organization. Unlike other cyberthreats, insider threats have a significant human element, and this is best managed through people and processes, such as:
Establishing a comprehensive offboarding procedure that thoroughly revokes employee access, regularly audit employee permissions and ensures that individuals only have access to the systems and files necessary for their roles.
Providing employee assistance programs for those facing financial difficulties or mental health challenges can reduce the likelihood that insiders feel compelled to act.
Implementing an employee review process that identifies performance issues early on and offers opportunities for improvement before considering termination can help prevent insider threats from emerging.
Ultimately all three of these factors are built on fostering a secure and supportive work environment. With this type of culture, businesses can reduce the risk of an employee turning into an insider and ensure that potential issues are identified and addressed before they escalate into a full attack.”
Kevin Cole, director, technical marketing and training, Zerto, a Hewlett Packard Enterprise company
“Recent research from Zerto highlights how human error is responsible for nearly half (46%) of all the reasons for data becoming unrecoverable, making it the largest threat for data loss. With Insider Threat Awareness Month upon us, it’s a critical time for organizations to re-evaluate their data protection strategies to protect their customers and preserve their reputation against any breaches.
Whether it is an employee who sells data for personal gain, sabotages systems before leaving, falls victim to a phishing attack, or just makes an innocent mistake, insider threats can blindside an organization and cause severe damage to its reputation, operations, and finances. Therefore, I urge organizations to take the proactive step of investing in data protection solutions that both prevent unauthorized access and ensure quick, reliable recovery after a breach or ransomware attack.”
DeeDee Kato, Vice President of Corporate Marketing, Foxit
“This year during National Insider Threats Awareness Month I think it’s time to shine a light on the importance of robust document security measures – especially, when it comes to the often-overlooked PDF.
Whether you are a government agency, a business, a healthcare provider, a financial institution – it is a safe bet that highly sensitive information is contained within your PDF docs. However, it is important to know that not all PDFs are created equal – especially when it comes to providing protection against internal threats, or external for that matter. But, if data protection and security are a concern (and these days, who isn’t concerned) then you need to know what to look for when choosing your PDF software. I think many of you know that you should start off by choosing a solution that doesn’t skimp when it comes to robust protection features – like encryption, digital signatures, and redaction tools. This provides the peace of mind that that only authorized users can access sensitive content and that confidential information is permanently removed, if necessary. Next on the checklist should be advanced permission settings to control actions such as printing and editing. And let’s not forget that it should integrate with Microsoft OneDrive, SharePoint, etc. to protect your documents, data, and personal information as well as include watermarking to deter unauthorized distribution. Audit trails and tracking capabilities are two more features that will take your data protection and security to the next level – enabling you to monitor access and modifications and comply with those all-important data protection regulations.
During this National Insider Threats Awareness Month and all the months to come… remain relentless in your pursuit to prevent insider threats – leave no stone unturned, and scrutinize every potential risk, even those that may appear benign, like the seemingly harmless PDF.”
Carl D’Halluin, Chief Technology Officer, Datadobi
“National Insider Threat Awareness Month is a crucial reminder not to underestimate the significance of risks from within — regardless of whether they are malicious or a result of negligence. For a clearer picture of just how significant, the 2023 Cost of Insider Risks Global Report by the Ponemon Institute revealed that in 2023, the average annual cost of an insider risk rose to $16.2 million per organization, while the average time to contain an incident extended to 86 days, compared to $15.4 million and 85 days in 2022.
Some might be surprised to learn that it is, in fact, unstructured data that is the most vulnerable due to it being the predominant data type (80% of data). It is the most difficult to manage, secure, and protect, and it often contains valuable and sensitive information making it rather attractive to those that wish to exploit it for personal gain or corporate sabotage.
So, during National Insider Threat Awareness Month – and all year long – take decisive action to safeguard your unstructured data against insider threats. Invest in your people – train and provide them with the solutions they require to gain visibility and control of your unstructured data scattered across every environment — local, remote, and in the cloud. Next, foster a culture of accountability and vigilance; because some insider threats are simply a result of human error. Your organization’s survival and success are on the line – so, isn’t an ounce of prevention worth a pound of cure?”