Released today, MeriTalk’s Inside Job. The Federal Insider Threat Report surveyed 150 Federal IT managers on insider threat. The new report examines actions agencies should take to minimize risk and cyber incident consequences.
The consequences are real. In the past year, nearly half of Federal agencies were targets of insider threats and nearly one in three (29 percent) lost data to an insider incident.
The report also revealed the following key points:
- 40% say unauthorized employees access government information they shouldn’t at least once weekly.
- 45% cannot tell if a document has been inappropriately shared
- 51% say it is common for employees/contractors to not follow security protocols
- Only 39% offer employees annual in-person security training
Recommendations on how to minimize the risk of Insider Threat
A Joined-up Approach
To prevent insider threat activity, 40% cite end-user education and/or training, 40% cite security technology, and 20% cite additional controls and/or guidance. Quite rightly. Investments in the right technology, as well as employee training and education, are critical.
Start with Access Points
To minimize data loss, Federal agencies suggest limiting access points as the number one action to take when faced with an insider threat. With nearly 40% of these incidents the result of unintentional actions it makes sense to reduce the surface area for all types of potential breaches. Users should be ensured to have sufficient access rights to fully perform their tasks, but no more, or for any more time than is necessary.
Formal Insider Threat Programs do help
The 55% of Federal agencies with a formal insider threat program are also more likely to have advanced training, real-time alerts*, and agency-wide security.
*Type of Real-Time Alerts cited:
- Real-Time alerts for inappropriate access
- Real-Time alerts for inappropriate sharing
- Real-Time alerts for data loss
The right technology to help mitigate the insider threat
To help protect a Windows Network against the risk of the insider threat, IS Decisions software offers organizations proven and effective solutions:
- To know more about limiting and monitoring (in real-time) users access to network resources – take a look at the software solution UserLock
- To know more about monitoring and alerting on all improper access, alteration or destruction of sensitive files – take a look at the software solution FileAudit.