Insider incidents, whether intentional or unintentional, can harm your organization in the form of financial and reputational losses, compliance violations and fines, and operational disruptions. What can you do to avoid this? How can you protect yourself against insider threats? The solution is simple: fortify your organization’s security processes with a carefully executed insider threat strategy.

Elizabeth Harz, CEO of Veriato, gave an interview to ISMG at this year’s RSA Conference in San Francisco. In it, Elizabeth covers the challenges of maintaining data security in the remote or hybrid workforce environment and the rising cost of data breaches. She also discusses some of the tools and solutions and can help businesses better manage their cybersecurity challenges.

The people closest to your business can sometimes cause the most damage. Yet while top-secret data leaks are headline news today, most insider threats are well-intentioned people who just screw up.

Access control is one of the most important cybersecurity practices. Careful adjustment of users’ access rights helps to secure sensitive data and reduces the chance of a successful attack. However, choosing an access control model relevant to your organization can be tricky. In one of our previous posts, we reviewed role-based and attribute-based access control models. This article discusses use cases for mandatory and discretionary access control models.

U.S. officials confirmed last week that a member of the military photographed and uploaded more than 50 classified documents to a Discord server and other social media sites, again reminding us of the danger insider threats can present to any organization. According to the Associated Press, a member of the U.S. Air National Guard was arrested last week in Massachusetts in connection with the leak.

‍Insider threats are one of the biggest internal cyber threats to organizations because they are often detected too late, and the responsible individual has access to sensitive information that gets released or exposed. Insider threats can pose a significant concern for organizations of all sizes and industries because they can result in severe financial and reputational damage and even legal penalties.

The General Data Protection Regulation (GDPR) is often considered the strictest regulation in the world for securing users’ personal data, with fines for non-compliance reaching more than €20 million. The GDPR applies to all organizations processing the personal data of European Union (EU) residents. Do you find it daunting to read through the complex articles of this regulation?

The costs associated with insider threats continued to rise in 2022. This is bad news for organizations that are already under financial pressure from the uncertainty of the economy. As interest rates continue to climb and customers become more conservative about how they spend, the last thing that any organization needs is to be putting out fires from security incidents coming from arsonists inside their own house.