Risk Management, Insider Threats and Security Leaders in the Age of COVID-19
An insider threat is a security risk that originates from within an organization. According to the Department of Homeland Security, insider threats often results in theft or destruction of data or the compromise of networks, communications or other information technology resource.
Insider threats are on the rise, according to a study from The Ponemon Institute, sponsored by ObserveIT and IBM. The number of insider-caused cybersecurity incidents increased by 47 percent since 2018. The average annual cost of Insider Threats has also skyrocketed in only two years, rising 31 percent to $11.45 million.
As COVID-19 has forced organizations to suddenly halt operations or institute work-from-home initiatives, there is greater opportunity for security incidents and greater data security responsibility with less direct oversight. Remote work poses its own challenges for enterprise risk managers, as well, such as addressing evolving vulnerabilities and threats unique to new environments. One area that will need to be monitored now more than ever is that of the insider threat, argue many enterprise security leaders.
How can enterprise security mitigate the insider threat right now and in the next months? Security Magazine spoke to many security professionals to obtain some insight on this matter.
Steve Durbin, managing director of the Information Security Forum, a London, U.K.-based authority on cyber, information security and risk management:
“The insider threat is one of the greatest drivers of security risks that organizations will face as a malicious insider utilizes credentials to gain access to a given organization’s critical assets. This is especially true with COVID-19 and employees who are currently working from home. Many organizations are challenged to detect internal, nefarious acts, regularly due to limited access controls and the ability to detect unusual activity once someone is already inside their network.
Risk management and security leaders need to manage the delicate issue of the insider threat during a time when many employees have concerns, need support and require protection. Employees subject to new working arrangements may well react maliciously due to limited hours, lowered compensation, reduced promotion opportunities, and even expectations of redundancy. These concerns at work can be compounded by increased levels of stress outside of the work environment due to worries about the health of their families, livelihood and uncertainty about the future. Under these conditions, employees might become resentful or disgruntled towards the organization, resulting is occurrences of information leakage and theft of intellectual property.
I anticipate that this trend will continue as the volume of information insiders can access, store and transmit continues to soar – and mobile working for multiple employers become the status quo.”