Security Deep Dive: Assessing the Insider Threat
Whether through malice or negligence, insider threats remain an area of concern in the battle to protect an organization, its people, and resources.
This kind of attack is among the most difficult to protect against, however, spanning the globe and all sectors of society as it boils down to addressing threats from trusted people—employees, former employees, contractors, and volunteers.
Ten years ago, for instance, Edward Snowden used his access as a contractor for the National Security Agency (NSA) to obtain and ultimately leak dozens of U.S. government documents to the media, revealing that the government’s intelligence community was surveilling its allies and citizens, sometimes illegally.
“The effects of Snowden’s disclosures continue to resonate,” wrote Security Management’s Megan Gates in April 2023. “…New efforts arose to assess the risk of insider threats and implement policies and procedures for responding to them.”
SponsoredSecurity and Surveillance Solutions Like No OtherAt GSX 2023, Hanwha Vision is showcasing an array of new products and solutions in Booth #3123 in Artificial Intelligence (AI) Hanwha stands at the forefront of AI innovation and will demonstrate new uses of AI in PTZ and Q series cameras, delivering precise detection, robust search capabilities, elevated data analysis, and enhanced image quality. Also on display will be FLEX AI technology machine learning which helps our cameras continually learn to recognize key objects for more efficient operation. |
Insider threat incidents increased between 2020 and 2022, according to a report from the Ponemon Institute. The 2022 Cost of Insider Threats Global Report also found that insider threat incidents cost companies an average of $15.4 million annually.
Whether its organized criminal groups looking for inroads into a legitimate business to siphon off materials, goods, or information; a competing company; or a nation state seeking to expand its influence or gather intelligence—bad actors look for a weak link to break through a security department’s armor.
In 2022 and 2023 mass layoffs, especially in the tech industry, could be cracking open a door for organizations trying to turn a current or former employee.
“Layoffs and terminations are often a trigger for negative actions,” according to another April Security Management article. Although a dismissed employee might not try to take a laptop or stapler, “…they might be targeted by competitors or foreign firms to share some of their institutional knowledge about the inner workings of the company or a key product or process.”
Layoffs can also have impacts on those who remain—increasing workloads and stress, or perhaps creating a sense of isolation with fewer teammates to connect with. It’s worth noting a recent Gallup poll finding that 18 percent of the global workforce is “actively disengaged,” and more than 75 percent are not actively engaged.
These current and former workers present ripe opportunities for negligence or malicious actors, however, they also present an opportunity for organizations to turn things around and build a stronger insider threat program.
At GSX 2023, this topic will be widely covered and analyzed throughout all three days of the show. For the interested security professional, the following is a sample of the various sessions and events that offer a chance to learn and connect. (All times are in Central Time).
Monday, 11 September
Over on the X Stage in the Exhibit Hall, “Navigating the Future of Work: Digital Transformation and Converged Security,” with Jamshed Patel, vice president of value engineering at AlertEnterprise, will showcase the benefits of connecting security across physical and IT systems. Along with improvements to an organization’s digital transformation, leveraging artificial intelligence and machine learning with access management can assist in anticipating and mitigating emerging risks, such as insider threats. This session will start at 1:30 p.m. and is supported by the ASIS Information Technology Security Community.
If you’re looking for an afternoon education session, Janet Lawless, CEO and founder of the Center for Threat Intelligence, will be speaking at 2 p.m., covering the developing threat landscape in 2023. “Insider Threat: Clever Adversary Tactics to Infiltrate Your Organization You Need to Know!” will offer attendees insight into the methods and tools that attackers and recruiters are using today, plus how to rethink and improve insider threat training and programs.
And at the ASIS Hub, the Investigations Community and Crime Prevention Community will be hosting their information sessions at 9:30 a.m. and 1:30 p.m., respectively, for a chance to connect groups and their experts.
Tuesday, 12 September
Tuesday will be jam-packed with educational offerings looking at the facets of insider threats, from how to leverage trust and transparency to behavioral analytics to lessons learned to getting stakeholders invested in the process.
“The Trusted and Valued Insider (Threat)” will cover how to build and deliver a productive insider risk management program through a culture of mutual trust. As the workforce evolves into one that looks more often to its employers and coworkers for trustworthy information, providing transparency and understanding into security policies can increase buy-in as well as the credibility of security practices. Find out more at 7:30 a.m.
Later in the afternoon, “Insider Risk: Bridging the Gap Between Stakeholders for More Effective Program Development and Risk Mitigation” will demonstrate how insider threats can blossom from multiple departments and how to collaborate to reduce overall risk. Starting at 2:00 p.m., this session will also offer strategies and best practices for getting non-security departments on board to assist in reducing these risks.
The Career HQ stage will also be taking a turn to spotlight how to support vulnerable employees. At 1 p.m., attendees can listen and learn during “Mental Health Awareness in the Workplace.” The session offers learning opportunities for security professionals to better understand how to connect with and support someone experiencing a mental health issue, which can not only help an employee but also create a more positive work environment that receives and gives support to the organization.
Also on Tuesday, the Human Threat Management Community will be hosting an information session at the ASIS Hub at 10:30 a.m.
Wednesday, 13 September
On the last day of the show, two morning sessions will offer a last chance to work insider threat mitigation into your educational schedule.
Kicking off at 8:30 a.m., “The Corporate Security Role in Building an Insider Threat Program” with Allen Phelps, CPP, PCI, CEO at IPTalons, Inc., will inform on how security professionals have a leading role in building and promoting insider threat programs.
Then at 9:45 a.m., a panel discussion will be looking at how technological advancements can complement a holistic approach to insider risk scoring. “The Future: Holistic Insider Risk Scoring and Physical Access Governance Risk and Compliance (GRC)” also aims to teach attendees how to integrate holistic insider risk scoring with physical access control solutions.
Exhibit Hall
More than 400 companies will have their tools and solutions on display throughout the GSX Exhibit Hall. Here are a few that focus on detecting and thwarting insider threats:
- IPTalons, Inc. offers open-source intelligence and investigative tools and services that can help protect technology and intellectual property. Booth 1417.
- Ontic, a security software provider, supplies companies and their security departments with a data and analysis platform for a comprehensive view of their security landscape, as well as threat assessment, threat management, and strategic intelligence services. Booths 4155 and 4292.
- ReconaSense offers a physical access control system that can help manage facilities with an artificial neural network, while also monitoring for insider threats via data analysis and situational awareness. Booth 1533.
For more insights on this topic, check out our Focus on Insider Threats content series.
Sara Mosqueda is associate editor at Security Management, which produces the GSX Daily. Connect with her at [email protected] or on LinkedIn.