September 2022 is the fourth annual National Insider Threat Awareness Month, according to the National Counterintelligence and Security Center. Let’s take this opportunity to remind ourselves and our organizations of the importance of being aware and vigilant when it comes to protecting sensitive company information from malicious insiders and account compromise attacks.
What, Exactly, Is an Insider Threat?
An Insider Threat is unauthorized access or theft of data from within the organization, rather than from an external source. Whether it involves a disgruntled employee seeking retribution, a worker looking to profit over the sale of proprietary data, or simply someone accessing data for the sake of curiosity, insiders are as important a consideration as any external threat. An external attacker who compromises a user’s account is also considered an insider threat since that individual now has authorized access to that user’s accounts, data, and applications.
2022 Theme: Critical Thinking in Digital Spaces
The theme for this year’s National Insider Threat Awareness Month is “Critical Thinking in Digital Spaces.” According to the Defense Counterintelligence Security Agency Director William K. Leitzau, “Critical thinking in a digital society is a skill that all security professionals must develop, especially as we become more reliant on technology. A key component of insider threat prevention is to develop increased awareness and understanding of hidden dangers. Critical thinking helps individuals become more attuned and less susceptible to such dangers, including social engineering, solicitation by adversaries (foreign and domestic), and harmful information.”
National Insider Threat Awareness Month Resources
The Center for Development of Security Development, Defense Counterintelligence and Security Agency has resources you can leverage. These include:
- Awareness Materials: Videos, posters, infographics, graphic novels, and games
- Training and Educational Materials: Case studies, eLearning courses, shorts, and job aids
- Messaging Materials: Communications guidance
In addition, the National Counterintelligence and Security Center (NCSC) has a huge volume of awareness materials including details on insider threat tactics such as social media deception, spear phishing, travel exploits, human targeting, supply chain risk management, and economic espionage. You can download ready-made posters, brochures, and flyers to share within your organizations.
Government Task Force on Insider Threats
Also, within the National Counterintelligence and Security Center is the National Insider Threat Task Force (NTTF), a team assigned to develop a Government-wide insider threat program for deterring, detecting, and mitigating insider threats within government agencies. They have put together additional content for National Insider Threat Awareness Month.
In the decade of its existence, the NTTF has delivered advice and instructions to a variety of agencies on how to promote awareness and education of the need to understand and protect against insider threats to data and other computing resources. It periodically releases guidance and information to agencies on how to best promote plans and policies on protecting data from insider threats in specific government agencies.
How Do You Mitigate Insider Threats?
One of the most important ways to mitigate insider threats is through awareness and education. The vast majority of employees are honest and want to do the right thing. If they are educated in what to look for and how to respond, they can become an important part of your cybersecurity strategy. Understanding the potential for insider threats is important for everyone in an enterprise, from security analysts to individual line and staff employees. After all, insiders are already inside the organization, so they have access to internal computing resources and know where to find sensitive corporate information.
There is more to a cybersecurity strategy than promoting awareness and actions against potential insider threats, however. Behavioral Analytics is a technology that leverages machine learning and artificial intelligence to monitor user behaviors in real-time to identify malicious activities. Gurucul’s User and Entity Behavior Analytics is renowned for its unparalleled ability to distinguish unusual activity from malicious activity in order to stop insider threats before data is exfiltrated.
Gurucul Insider Threat Resources
Take a moment to review Gurucul’s Insider Threat resources this National Insider Threat Awareness Month:
- Upcoming Customer Webinar: “Improving Contextual Analysis for Protecting Organizations from Insider Threats” featuring customer speaker – Robert A. Davidson, Insider Threat Manager at Dominion Energy
- On Demand Customer Webinar: “Lessons Learned from Operational Insider Threat Programs” featuring customer speaker – Michael Williams, Director of Technology & Insider Risk, Edward Jones
- 2021 Insider Threat Report: Cybersecurity Insiders’ 2021 Insider Threat Report, sponsored by Gurucul
- Whitepaper: Best Practices for Implementing an Insider Threat Program
- Blog: Lapsus$ Group Exposes Internal Threats Are Also External Threats
Of course, you can also find plenty of insider threat mitigation resources on the Gurucul insider threat solution website, so spend some time exploring what we have to offer.