IE11 Not Supported

For optimal browsing, we recommend Chrome, Firefox or Safari browsers.

Cybersecurity Experts Look Inward to Cut Risks

Internal threats have become a serious security concern with incidents as large as Edward Snowden’s famous WikiLeaks.

Internal threats have become a serious security concern with incidents as large as Edward Snowden’s famous WikiLeaks.

With such risks in mind, the public and private sector leaders have been looking for solutions to help them mitigate risks posed by people on the inside.

The commander of California’s Cybersecurity Integration Center, Keith Tresh, recommended factoring internal threats into cybersecurity plans in an email to Techwire.

“What we are doing is we have policies and standards in place that ensure folks that have access only have access to the level of the job they perform in the organization,” Tresh said. “Also anybody that's got access to sensitive information only has access to what they need to accomplish their job tasks.”

Similarly, Tony Gerberick, senior systems engineer for Centrify, recommended limiting privilege.

“When an employee has too much access and privilege, they are exactly who the bad guys are targeting,” Gerberick wrote in an email to Techwire.

This mirrors what CIA veteran Carol Rollie Flynn spoke about at the Cybersecurity Education Summit on Oct. 10. Personality, precipitating crises and opportunity can take an employee from mundane to threat.

“Most people don’t join an organization with intent to harm. It happens somewhere along the way,” Flynn said.

Gerberick echoes that idea.

“Corporate citizens may not have any malice, but they are still vulnerable to being tricked via phishing or other scams, transforming them into an innocent and yet crucial enabler to a threat from the outside,” he wrote.

On the other hand, malicious actors may act because of money, ideology, coercion or ego, Flynn said.

She recommended a holistic and inclusive organizational culture. Being vocal about an insider-threat program where everyone is involved helps increase communication and reduce risk, she said. She also recommended a preaudit of employees to offer a baseline of employee behaviors.

“Bottom line is the only way to combat it is to have good practices in place and to ensure folks are monitoring logs to make sure people are not downloading and or accessing things they do not need to be and to look for any large file transfers,” Tresh said.

Gerberick also recommends the following:

  • Prioritize Privileged Access Security For Both Internal and External Users
  • Privilege Elevation — Grant just enough privilege when needed
  • Adaptive Multi-Factor Authentication (MFA) for Privileged Access — Prove who they say they are
  • Shared Password Management — Control shared access to privileged accounts
  • Privileged Access Request — Self-service, just-in-time, privileged access
Kayla Nick-Kearney was a staff writer for Techwire from March 2017 through January 2019.