"Defending Against Cybersecurity Moles Inside Your Agency"
Insider threats are often considered to be either disgruntled employees or people who have made errors. However, in the age of COVID-19, insider threats are changing. An insider is now more likely to be a remote employee who appears completely harmless. With the movement to a virtual workforce, employers are not being protected by brick-and-mortar security practices. In many cases, access to sensitive data has become increasingly available and uncontrollable. Forrester's 2021 cybersecurity report predicts that 33 percent of security breaches will be caused by insider threats in 2021, which is an increase from 25 percent primarily due to remote work. Michael Crouse, an ITPM user protection specialist at Forcepoint, encourages organizations to combine a zero-trust approach with user behavioral analysis to reduce the potential impact of insider threats. The pandemic has magnified the importance of behavioral analysis to detect deviant usage patterns. Organizations should consider putting measures in place to monitor users' behaviors and whether or not they are on a company-secured Virtual Private Network (VPN). It is essential to understand a user's intentions and activities regardless of their location. During monitoring, look for signs of unusual behaviors. Couple user behavioral analysis with a zero-trust approach to ensure the continuous verification and validation of users as they try to access sensitive information. This article continues to discuss the growth in insider threats during the pandemic and how combining a zero-trust approach with user behavioral analysis can help combat these threats.
NextGov reports "Defending Against Cybersecurity Moles Inside Your Agency"