By PrivSec Report2020-10-08T17:07:00
Cybersecurity measures are often focused on threats from outside an organization rather than threats posed by individuals inside an organization.
Cybersecurity measures are often focused on threats from outside an organization rather than threats posed by individuals inside an organization. According to the US Department of Homeland Security 46 percent of the most expensive cybercrimes were a result of an insider threat and almost 34 percent of insider threat cases were targeted towards collecting personally identifiable information (PII).
Having controls in place to prevent, detect, and mitigate insider threat surge and accidental data leaks is a necessity for any organization that intends to protect its business-critical data.
Yet, Gartner states that only less than 20 percent of the organizations have an insider threat program today. While it is expected to grow to 60 percent by 2023, organizations must prepare for a functional insider threat program as a core part of their holistic cybersecurity strategy.
Building a proper insider threat program requires multiple technologies including endpoint detection and response (EDR), data loss prevention (DLP),and in-depth analysis of user behavior (UBA).
Building an Insider Threat Program for your Organization