Published on September 23rd, 2019 📆 | 7214 Views ⚑
0Defense Dept. unveils counter-insider threat program
In conjunction with National Insider
Threat Awareness month, the Defense Department has launched a counter-insider
threat program aimed at educating its analysts on how to spot potential threats
and suspicious behavior.
âWhat we are trying to do is tell
people if you hear that, if you see that, if you sense that, pay attention to
that,â Brad Millick, director of DODâs counter-insider threat program in the
Office of the Under Secretary of Defense for Intelligence, said in a
report on the Defense Department website. âTo prevent damage and avert
casualties, we need the workforceâs help.â
Noting that some people are hesitant
to report on their coworkers or even themselves, Rebecca Morgan, chief of the
insider threat division at the Defense Counterintelligence and Security
Agencyâs Center for Development of Security Excellence (CDSE), said
counter-insider threat programs, which are meant to deter, detect, and mitigate
risk âare most effective when providing proactive intervention to individuals
who are struggling with everyday stress.â
That intervention, she said, could
prevent either âwitting or unwitting threats to the enterprise via unauthorized
disclosure, targeting and recruitment by foreign intelligence, acts of
workplace violence or other forms of harm to the department and its
assets.â
Warning signs and troubling behavior
may include threatening statements or actions, signs of disgruntlement,
ideological challenges or opposition to the mission, circumventing rules or
behaviors reflecting ethical flexibility, unauthorized browsing of files and
records and external influences like substance abuse or financial problems that
impact work.
âHereâs what you need to remember
when combating the insider threat: Understand the normal behaviors of everyone
that accesses your network. When you know the typical behavior, you can more
easily spot anomalies,â said Stephen
Moore, chief security strategist at Exabeam, who called it a hard
truth âthat you canât always trust your citizens â the employees, third parties
and machines operating inside your network.â
Unwitting insiders who open phishing
emails are often the starting point for ransomware attacks âwhich can then
wreak havoc on organizationsâ critical data and systems, let alone the costs of
recovery and possible damage to your brand,â said Caroline Seymour, VP of product marketing, Zerto.
The shortage of IT security professionals can exacerbate the likelihood that an organization will fall victim to an insider threat.  âThe pace of cybercrime is continuing to grow so the demand is outpacing the supply of security professionals who can help combat the ever-increasing threats. âWith the shortage in security, organizations are consistently operating understaffed, and team members donât have time to be as vigilant as they should be, which could lead to a slip in security,â said Eric Sheridan, chief scientist at WhiteHat Security. âPeople make the misconception that the people who are the reason for insider attacks are malicious, however, sometimes they are just individuals who are burnt out.â
Gloss