2019 was the year of the Insider Threat – and they are sure to continue to compromise organizations in 2020. The Cybersecurity Insiders 2019 Insider Threat Report revealed that 70% of organizations surveyed reported they saw in increase in see insider attacks in 2019, while 60% had actually experienced one or more attacks within the last 12 months. It’s safe to say in 2020, companies in every industry, especially those with highly regulated and sensitive information (financial services, pharma/healthcare, government, etc.), remain at risk. 68% of the survey respondents note they feel “extremely to moderately” vulnerable to insider threats, and 85% found it moderately to very difficult to determine the actual damage of an insider attack when it happens.
Why Insider Threats are Not Going Away in 2020
Some front runner reasons for rising insider threats that promise be a top 2020 security problem include:
- The adoption of collaboration tools such as SharePoint, Teams, Box, etc. that make it a lot easier to access and share company information with virtually anyone.
- Most companies address security by locking data down in secure containers or folders – but don’t control what legitimate users can do with the data, making it easy to steal or accidentally share it.
- A mobile workforce means negligent, as well as malicious, insiders can jeopardize data security 24x7.
- Enterprise digital assets such as intellectual property and customer data are desirable to and lucrative to individuals, cybercriminals and nation-states.
The new cyber-norm for IT and information security will center around a multilayered approach that includes a data-centric strategy in order to provide the flexibility and adaptability that organizations require. Following are key insights to keep in mind when planning security strategies and tactics for 2020 and beyond.
Collaboration Tools Are Fueling Insider Threats
A multilayered security approach means not putting all the proverbial security eggs into one basket (i.e., an approach that’s only network and/or location-based). Success in information security transformation is going to be a direct result of the CIO’s ability to quickly adapt, remain flexible and focus on data-centric and identity security measures to ensure that both the perimeter and data are appropriately protected from external and internal threats.
The layered defense approach has to evolve to include protection to both systems – user identity and data assets. The risk of threats extending deep into the data layer when multiple collaboration tools are leveraged must be managed in the context of compliance regulations, as well. The rapid adoption of Microsoft Teams for collaboration is a good example of a coveted data vault at risk from every direction.
Data-centric protection means understanding both content and context in order to authorize access to and then clearly define what a user can do within an individual file based on their real-time circumstances. For example, are they in the office or remote, what time of day is it, and how sensitive is the date they are trying to access – then based on this information access can be granted or not, as well as controls on sharing enforced.
Secure Collaboration – The Not So Impossible Paradox
The best way to combat insider threats is to put secure collaboration at top your list of security resolutions for 2020. Learn why traditional approaches are failing to secure collaboration from insider threats in this new white paper. Explore:
- The impact of modern collaboration demands on information security
- Why traditional security practices are falling short
- The more effective data-centric method to secure collaboration from insider threats