Site icon IT World Canada

Insider threats: Establishing intent and people-centricity

The “Bring Your Own Device” movement (BYOD) is now a given in the workplace. People have come to expect free access to company computing resources. While employers’ desire to introduce tighter security controls and policies is understandable, tech solutions are no cure-all. After all, even if you give people a new set of security policies to adhere to, and overall expectations may be higher than they were in the past, people’s core habits and attendant behaviours are not going to change overnight.

It’s a myth that companies that employ a lot of tech in their security environments are airtight. An excess of security, which can have the effect of forcing people to behave a certain way, may in fact leave a company less secure. At the same time, having a staff that is not allowed to use one kind of device or another, or outlawing specific behaviours, can also have a bad effect. The best, most effective security appears to be those that begin and end with the people that need to be protected.

Putting the pieces in place

“Ultimately, companies must acknowledge that technology doesn’t run technology — humans do,” said Michael Crouse, Senior Director Business Solutions, Advanced Data & Insider Threat Security Business, Forecepoint. “Although the digital warriors are coming, it doesn’t need to be a tsunami. Understanding employee security practices will help companies adjust security protocols and practices to not just accommodate a changing workforce but to take advantage of the skills they bring and the technologies they use. This will revolutionize the workforce for the better.”

“Companies must build a complete security program that combines processes, procedures, and technologies in conjunction with robust auditing and logging, to ensure proper visibility into various employee and machine behaviours. Ideally, they’re also correlated within a dashboard that connects the dots, providing constant visibility into how users interact with data and systems.”

Crouse said it is all about determining employee intent and whether they are doing their jobs and being responsible when they are interacting with data, independent of where and when.

“Critical data is everywhere now — 24 per cent removable media in the enterprise; 25 per cent BYOD; 48 per cent private cloud; 20 per cent public cloud. The notion of walls around data is not a realistic approach to security. People, specifically employees and contractors, remain the one and only constant from one phase of technological change to another, and companies must make a determined study of users’ intentions and cyber behaviours at scale so they can make the workplace truly safe and secure.”

Tips for establishing people-centric security

A truly people-centric system is comprised of many essential components, including:

“There are two reasons companies are not en masse shifting their focus from traditional insider threat paradigms: first, companies remain one step behind the tech flowing in from Silicon Valley. There is so much technological change right now that it may literally be beyond our control to restore the ‘old world order’ of the walled garden.”

“Second, many organizations are faced with the daunting task of managing the rise of the insider threat from the Boomers to the Millennials. The latter cohort is set to revolutionize the workplace. The shift in the workforce landscape represents cultural and behavioral changes that require companies to understand intimately these new digital warriors so as to add their security know-how to the overall mix.”

Crouse believes visibility is the key to establishing the context of a security event, allowing security teams to tell apart inadvertent and innocent behaviour from intentional and malicious activity.

“Whether we have a big data problem or a small data problem, it is time for us to ignore the noise coming from the network or from endpoints unless they are tied to something or somebody. We must reinforce our enterprise security with one simple objective: to gain deep visibility into user behaviour.”

Read more about “the human point” or visit itworldcanada.com for more Canadian IT News.

You can find out anything else you need to know about Forcepoint by visiting their website.

Exit mobile version