Your classic IT horror story looks like this. Someone is on your network, but you don't know who it is or how they got there. Sometimes they are just sitting there, lurking, waiting undetected.
Other times they play their cards and make a demand—whether it's ransom money for your encrypted files, or that your entire team comes to a screeching halt and spends the rest of the day defending against a DDoS attack.
But what's happening more and more is even scarier. The real villain could be the guy in the next cubicle or the co-worker you run into as you're washing your hands. Then what? What's happening when the real threat is coming from within your company?
In our latest web conference, hosted by Presidio, industry experts spoke on the rising danger of insider threats and solutions to mediate the problem. Speakers included Dr. Christopher Pierson, General Counsel & CSO, EVP at Viewpost; Joe Leonard, VP of Cybersecurity Solutions of Presidio; and Kilian Englert, Technical Marketing Manager for Varonis Systems.
“You can’t hold people accountable if you haven’t done your job in terms of educating them,” Pierson said.
Apathy is the biggest threat to the defense of insider activity, whether it be malicious or accidental. It leads to misunderstandings and a lack of communication between departments.
Leonard explained that the most effective tools for educating your employees are interactive demonstrations. Five years ago it might have been showing a video, but now employees are likely to just leave it open on their laptops and walk away.
“When people are interested, they are going to learn from it,” Leonard said. They want to talk to people deploying solutions and to know how hackers actually wormed their way into their network.
“You can’t protect what you don’t know,” Englert said. For every piece of data, there should be someone tied to that data—and they should know the context of that information.
Behavioral analysis is also key in preventing an insider attack. Regular communication between departments can show if someone has been placed under review, has requested an advance in cash, or is having a hard time personally.
Leonard said, “Security is everyone’s responsibility; everyone in the organization has to work together."
Outside of behavioral analysis, it's important to simplify permissions and automate authorizations—especially for removing authorizations when they are no longer needed.
Pierson said it's absolutely critical to code your threat prevention strategy to the culture of your company. If your organization is the type of place where "everyone has a key to the door,” you need to analyze and assess the risk of this, and then communicate it with transparency throughout your business.
What's the number one thing your organization can do to prevent an attack from occurring, according to the speakers? Get people to stop clicking on things! Ninety-one percent of all cyber attacks begin with phishing, with 30% of targets opening phishing emails, according to the 2016 Verizon Data Breach Investigations Report.
Taking the time to walk over to someone's desk and ask if they really sent an email asking for your password can save your company a whole lot of headache. But communication is key to putting these good habits in place to prevent insider threats.
To learn more tactics for preventing insider threats, watch the full web conference on demand here.
