Insider threat is rapidly becoming one of the biggest concerns for security teams and C-suites alike. But here’s the most challenging thing about insider threat: it can’t be approached the same way you defend against external threats, or you’d bring your business to a halt. Risk to data due to employee behavior can never be fully avoided because it would require organizations to give up all the benefits of productivity and collaboration. Insider threat is an unavoidable product of our new world of work. Here’s what we mean:
The modern world of work looks vastly different than even five years ago. Companies in every sector are evolving at their core as digital transformation efforts push them to do business in new ways and with new technologies.
The expectations and behaviors of the workforce are also transforming. Employees are working remotely and collaboratively with many colleagues, partners and customers. They’re accessing data through cloud products from a variety of networks and devices.
And the way they think about their work is changing, too. As workers switch jobs more frequently, notions of loyalty are waning and employees have a stronger allegiance to the work they do (and the ideas they create) than to the company they do it for. Employees increasingly believe that they own the ideas they create — and 2 in 3 employees openly admit to taking ideas with them when they leave because they think it is their right to do so.
These changes aren’t a sudden shift; they’re a natural evolution. Companies have been pushing to move faster and be more agile for two decades now — and a major part of that is empowering employees to work in easier, smarter ways. But this evolution means data is more portable than ever. Workers are more mobile than ever. Collaboration is more critical to business success than ever. Together these factors dramatically increase the performance of a business while also increasing the prevalence of insider threat incidents.
In short, managing insider threat requires security’s mindset and tech stack to evolve because it can’t be managed through approaches that address risk at the cost of innovation and growth. Security teams need to be able to allow collaboration while ensuring there’s a way to quickly and accurately detect the risks that truly matter.
Block or surveil: Two common approaches to addressing insider threat
Here’s another big challenge for security teams tasked with managing insider threat: insider threat is a business problem that is not solved by any one category of software. Today, there are two main technical approaches to addressing the insider threat problem:
To Continue Reading…
Share a few pieces of information and we’ll personalize your experience with us