Thinking about National Insider Threat Awareness Month (NITAM) immediately triggers the refrain of an inimitable thought leader in our collective memory:
So, in light of that truth, and because about two-thirds of data breaches involve an insider and 59% of security leaders expect insider risks to increase in the next two years, we’re happy to announce that we’ll be participating in Insider Threat Awareness Month 2021.
As laid out by the Center for Development of Security Excellence (CDSE):
“Participating in Insider Threat Awareness Month 2021 can help your program detect, deter and mitigate insider threats by increasing awareness and promoting reporting. Insider threat awareness is not about curtailing protected free speech or suppressing legitimate whistleblowing; it is about preventing the exploitation of authorized access to cause harm to an organization or its resources. It is vital that we prevent these actions and safeguard national security, while protecting privacy and civil liberties.”
So, what are we doing to help foster awareness of insider threat1? We’ll be sharing insights every business day (+ Saturdays) throughout the month of September, starting today with this blog2.
1. Sponsoring the Insider Risk Summit 2021
The most holistic way to gain an awareness of insider threat is by joining the cybersecurity community and the rest of the Insider Risk Summit team at the Insider Risk Summit 2021. The event is free to attend and fully virtual.
The Insider Risk Summit, the industry’s leading conference on Insider Risk Management (IRM), brings together security leaders and practitioners and cybersecurity experts to learn, interact and share best practices in the IRM space. More than just one moment in time–the Insider Risk Summit is a community of organizations and security professionals that understand collaboration, productivity and enablement of users while meeting data security challenges. For the most up-to-date news about the Insider Risk Summit and the IRM community, go to insiderrisksummit.com or follow along on Twitter and LinkedIn.
2. Stories of Insider Risk
We believe it’s helpful to have a catalog of instances in your back pocket to truly illustrate a problem. Stories of Insider Risk are important to understanding this multi-faceted and growing problem and illustrating just how damaging an incident can be. Breaches from insiders can cost up to 20% of annual revenue per year.
To help fill your Insider Risk story library, through the month of September, we’ll share one story of an Insider Risk incident per day, Monday-Saturday, on our Twitter and LinkedIn social channels. This will highlight the damage that can occur including delayed reparations and time to file, among other repercussions. Key themes include departing employees and why Insider Risk is not something that should be taken lightly.
3. Daily showcases
Join us on our (Twitter and LinkedIn) social channels where we’ll share content to help you better understand and mitigate Insider Risk on a daily basis throughout the month of September. The theme days are:
- Media Monday: On Mondays we’ll be sharing some news articles discussing the Insider Risk issue and how organizations are solving the problem.
- Tech Tuesday: We’ll highlight a technical solution to Insider Risk Management to help you get an idea of options available in the market.
- Workforce Wednesday: There are multiple seismic shifts happening in the workforce right now. On Wednesdays, we’ll share insights on how those changes relate to Insider Risk.
- Thought Leader Thursday: Over the past few months through Code42 Live, we’ve had the opportunity to talk with thought leaders in the Insider Risk community. On Thursdays, we’ll share funny or particularly insightful takeaways from those conversations.
- Flow3 With It Friday: When all else fails, you’ve just got to go with the flow. No matter how prepared you are, sometimes bad things happen. On Fridays, we’ll share learnings from some of the larger insider incidents of the past few years.
4. Special CISO Series Conversation with David Spark
On Monday September 13, join us for a special edition CISO Series Conversation with David Spark. Code42 CEO Joe Payne and Elevate Security President, Masha Sedova will discuss “Hacking the Insider Risk Summit: An hour of critical thinking about creating a security aware culture”. Bring your good questions and your bad ideas for how best to create a security aware culture for an hour of discussion followed by optional networking.
That was a lot – let’s sum it up
How can you help in the fight against evil sometimes malicious, sometimes negligent Insider Risk? Well, the first step has already been accomplished, you’re aware that it exists. Next, you can follow @code42 and @insiderrisksmt on Twitter, join the conversation and maybe share some of the stuff that we’ll post using the #NITAM hashtag.
And now you know!
1. Even though we suggest thinking of it as Insider Risk.
2. Way to go, you’re already participating. Give yourself a gold star!
3. We had originally pitched a different name for Friday but that didn’t make it past approvals.