How to mitigate internal cyber threats
According to the 2017 Insider Threat Report, 74 percent of organizations feel vulnerable to insider threats, yet less than half of them have the appropriate controls in place to prevent an insider attack.
By controlling and managing access to data and systems, and by closely monitoring it, companies are hoping to gain early alerts to potential breaches. Careful monitoring may also assist in forensically mapping unauthorized access in the event of a major cyber attack.
Some employers have also begun to rely on technical oversight of their employees’ behavior on company systems as well as social media platforms. These measures may include monitoring what an employee shares onlineabout his or her employer or job. It may also involve automated reviews of what is emailed to addresses outside of the organization, and what is printed, by whom and in what quantity. Some may view this type of oversight as a violation of employee privacy; others may argue that expectations of privacy can blur at the edges of many confidentiality requirements placed on employees.
Regardless, employees need to understand what is expected of them. To earn loyalty and maintain open lines of communication, a company must be clear about employee responsibilities as well as what’s at stake.