Your workforce is your greatest asset for mitigating insider threat risk in your organization. Training, equipping, and reinforcing an insider threat risk framework across your enterprise will best posture your organization to prevent, detect, and respond to a suspected insider incident.
Here are three approaches to harvesting the defensive capital of your workforce to help decrease insider threat risk:
Train your workforce to identify insider threat risk situations and behaviors.Regularly train your workforce to identify behaviors that have been associated with insider threat incidents. Your employees should understand that they could be targeted by an adversary, such as a nation state, to provide sensitive corporate information. Provide your workforce clear examples of what those scenarios would look like. In addition, foster a corporate culture of security where your employees accept ownership for their responsibility to help protect enterprise critical assets, sustain mission performance, and guard brand reputation. New employees should receive this training with iterative on technical and physical insider threat attack methods.
Equip your workforce with the proper tools to report a suspected inside threat. After ensuring that your workforce can properly identify the signs of a legitimate insider threat scenario, equip them to report a suspected insider incident. Establish a hotline or email channel for employees to report suspected incidents or set up an insider threat program in your organization for your workforce to report suspicious behavior. Communicate the reporting channels to your workforce with soft and hard copy materials, training sessions, and verbal reminders. It is critical that your workforce understand that their insights and concerns will be taken seriously and properly handled by the leadership team in a discreet manner.
Reinforce insider threat training principles and reporting procedures by providing opportunities for your workforce to practice identifying, managing, and mitigating an insider threat scenario. Your senior leadership team can learn a great deal from a well-planned insider threat tabletop exercise if they have not had an opportunity to respond to a security incident or are relatively new to their roles. Running a realistic exercise with the right stakeholders and documenting lessons learned can go a long way in helping your team respond to an actual insider incident when the time comes.
Organizations that promote a corporate culture of security and foster enterprise-wide ownership for witting and unwitting insider risks are better postured to minimize impacts from an insider incident to business operations.
For more see Cognitio’s Insider360