Remote Work Cybersecurity
Insider threat steps to take
When it comes to remote work, it makes insider threat a real challenge. SC Magazine interviewed David Reilly, the ex-CIO of the Bank of America, and he makes a clear case for why companies should address the situation sooner rather than later.
With two decades of experience as an information technology and security team leader within banks and investment firms, his expertise serves these institutions well. However, insider threat affects every industry, as David points out in his interview. This means that even if your organization is not a financial firm, there are still takeaways that can help.
One of the first areas David highlights is the critical information accessed by system administrators and database administrators. They all have privileged access, which needs to be closely monitored. You want to know how the access of your critical network extends to third-party vendors. From system administrators to database administrators and third-party vendors, all network access points create a heightened risk for the landscape.
As soon as remote work took off there was a threat profile change that required executives to quantify the risk presented by each employee, third-party and application access. What you want to note is if the data is secured from all aspects related to entry points.
You might know by now that damage brought about by insider-driven network compromises are much more damaging and costly than ones where employees are not a part of the problem. Ponemon “Cost of Insider Threats Global Report” for 2022, revealed that cyber incidents originating through malicious, negligent, and compromised employees have increased to 44% in the last two years.
Furthermore, the cost of insider breach has risen by more than one-third from last year. It is now at $15.38 million. What has also gone up, is the days it takes to fix an insider breach. According to the report it has gone from 77 days to 85 days to rectify an insider breach. In this time, a good portion of it is spent on containment.
David reminds us that even before insider threat was well known, the Bank of America was one of the first financial institutions to make the headlines due to the financial institution’s losses through a fraud scam. Also, in case you didn’t know, for financial institutions you can elicit “actional insights that security teams can use to give priority to actions that remediate and tailor cybersecurity education for the company.”
Another important note for the insider threat challenge is the fact that globally, there’s a desire to make cyber risks reporting consistent. While it will help to set guidelines with the company, remember that it will continue to be key to quantify and measure when assessing, prioritizing, and mitigating.
Even though you see an agreement on what the best set of metrics and practices within your enterprise are, unlike big firms, you may not be able set up cybersecurity best practices as easily. It takes time to establish a robust plan for insider threat and remote work. Especially with limited resources available.
Making the most of the security team and technology you have is important, and so is your consistency. The steps you take are always going to be fundamental to creating a conversation and applicable measures for the enterprise and insider threat with remote work.
If you need support, schedule a free consultation with one of our experts: https://calendly.com/ncxgroup
Photo courtesy of ESB Professional