Insider Threat Awareness Month 2023: Bringing Awareness to Every Level of Your Organization
Blog Article Published: 09/20/2023
Originally published by Code42.
Written by Chrysa Freeman, Sr. Manager of Code42's Cybersecurity Team.
In the ever-evolving world of work, where remote collaboration, the Great Resignation, the rise of contractors, and the ascent of cloud technologies redefine how we conduct business, a common threat grows larger: Insider Risk. As organizations rush to adapt to these modern workforce shifts, any lag in this progress leaves critical IP vulnerable to data loss, leak, and theft. Given this reality, Insider Threat Awareness Month offers an occasion to rally every facet of your organization – from the boardroom to the virtual workspace – in a united front against these escalating threats.
For this year’s Insider Threat Awareness Month, we’re mindful of the daunting task in front of many Insider Risk and security teams. Imagine your organization as an interconnected ecosystem: the boardroom and legal set the strategic coordinates, IT and Security fortify the boundaries, HR nurtures a culture of vigilance, and every user becomes an unwavering guardian. Each piece of the puzzle is crucial in combating Insider Risk.
Embracing Insider Threat Awareness Month
As security and risk teams take stock of their Insider Threat posture this month, it’s crucial to shore up partnerships with key stakeholders. To do that, these teams need to speak the language of each level of collaborator. By building a program on the basis of mutual understanding, businesses can build strong defenses against the loss of IP and other critical data.
The Boardroom’s Strategic Stance
Executive leadership can play a pivotal role in setting the tone for cybersecurity awareness. However, this group is uniquely focused on metrics when instituting any new program. As many security leaders know well, any inquiry about new technology or strategy is met with “What’s the ROI?”
To keep the business on track, these leaders have to make data-driven decisions, so metrics are the best way to relay critical information about Insider Risk Management (IRM) programs. IRM program metrics can take two forms: measures of program activities and measures of program outcomes (keep an eye out for an upcoming blog later this week, delving deeper into specific program measures). By tracking program functions, security leaders can capture the attention of top-tier stakeholders and secure dedicated resources for data protection.
Legal Guardians of Data
If there’s one partner in your organization who understands the perils of leaving the business vulnerable, it’s your legal team. Though the legal arm of any business may not be directly interacting with day-to-day security functions, they have a vested interest in programs that help the organization comply with its regulatory and contractual obligations, including protection of customer and employee data.
A legal team will want to know what areas of the organization are most vulnerable to Insider Threat, what steps are needed on their part to investigate an insider event and the costs involved in an investigation, and how the organization will be better protected in the event of litigation. If you share relevant details with these stakeholders, while also speaking to the enhanced compliance that comes with establishing an IRM program, legal will be quick to adopt new practices that protect vulnerable areas.
HR’s Human-Centric Approach
HR has felt the shifts in our modern workforce perhaps more deeply than any other department. As we covered above, the shifting planes of this era of work pose a unique challenge, especially given the dispersed workforce and their perceived ownership of the IP they create. One in three organizations will lose valuable IP when employees leave their company.
Your HR team may not fully understand the depth of potential data loss from departing employees. Given this, educating these stakeholders on the pervasiveness of this type of data loss, as well as empowering them with insight from the security team on the impact of that data loss on the company itself, can pay dividends in bringing them into the IRM fold.
Additionally, your HR partners are strongly focused on company culture. Consider working closely with them to weave data protection into the threads of the culture with the use of positive messaging.
Empowering Every User
It’s cliche but it’s true: a chain is only as strong as its weakest link. Every end user contributes to the security posture of your organization. As we’ve stepped away from traditional office settings, employees are finding innovative ways to collaborate with colleagues near and far – with varying degrees of organizational clearance. With that in mind, it’s unsurprising that a great deal of Insider Risk comes from employees simply trying to do their jobs.
Over four out of five security professionals (81%) believe the new hybrid-remote workforce has increased the need for data security training in their company. To align the entire employee base against Insider Threat, education must be woven into employees’ day-to-day, not delivered only as once-a-year reminders. Fostering a security-aware culture, in which employees know what’s being monitored, how, and why, is crucial to rallying the entire organization around security. Using messaging that is both transparent and encouraging will help build trust with employees, resulting in increased compliance with your IRM program.
About the Author
Chrysa Freeman works as Sr. Manager of Code42's Cybersecurity team – overseeing audit, compliance, policy, vendor, and Awareness/Training. She is passionate about the juncture where security and the science of human behavior intersect and loves to share her knowledge about building positive security cultures.