By Sarah Walker
According to EY's 2015 Global Information Security Survey, the overwhelming majority of businesses today believe their security protocols related to insider threat are not up to standard. So why is it that insider threat programs rarely get the funding needed?
By April Resnick
When it comes to training your employees to identify and report insider threat in the workplace, NISPOM Conforming Change 2 is quite specific about what is required for compliance. This is one area in particular where you should really strive to go beyond checking the box - consider that the safety of your assets, vitality of your business, and loyalty of your customers all hinge on the ability of your staff to keep your most valuable information safe.
In fact, even if your business is not subject to federal insider threat regulations, these precepts are important to create a robust security culture. With the average cost of a data breach rising 11 percent in 2015 to $217 per stolen record, you truly can’t afford NOT to train your employees to take personal responsibility for preventing and identifying insider threats.
By April Resnick
One reason the cult classic movie Office Space is beloved by so many is that almost everyone can relate. Who hasn’t developed an emotional attachment to a stapler, grimaced every time a too-cheerful cube mate answered the phone, or fantasized about taking a baseball bat to a stubborn printer? We’ve all been there, and it’s perfectly healthy to experience negative feelings about work - they tend to ebb and flow, and can even serve a purpose, whether it’s a motivating factor to improve things, or a push to move on to the next opportunity.
But what is it that separates a normal, fleeting case of “The Mondays” from the very different impulse to launch an embezzlement scheme or commit arson? Are the “bad actors” who perpetrate acts of insider threat in the workplace born, or made? And most importantly, how can you protect your organization by identifying and addressing a brewing storm before it’s too late?
By Greg Cullison
It’s no secret that insider threat often rears its ugly head in the digital domain. So it makes sense to use technology to prevent and detect digital misbehavior. But don't confuse the tool for the solution. The capability to capture analytic indicators of insider threat is not the same as knowing what to do with them. How can a story about fishing help make sense of this?