Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) defines insider threat as “the potential for an insider to use their authorized access or understanding of an organization to harm that organization.” The nature of insider threats is fairly wide-ranging. Most of us in the security field will naturally think of insider threats in cybersecurity terms, but CISA’s definition includes things like espionage, terrorism, and workplace violence.

While a majority of discourse in the cybersecurity industry is focused on external threats – malicious hacking, phishing, and the like – the fact is that internal actors are just as capable of causing damage to an enterprise, if not more so. An insider threat may have access to resources or areas of the network that someone outside the organization would need to do extra work to obtain.

Cloud computing is the most cost-effective way to store and manage data and meet growing business demands today. However, the rapid rise of cloud usage means you need to stay alert to potential cloud security insider threats that can compromise your sensitive data and security posture. In this post, we discuss the insider threat landscape, explore several types of cloud insider threats, and examine the best practices to combat these threats.

Government offices deal with sensitive information all the time. In fact, they deal with the most sensitive kinds of information—classified information, data assets requiring security clearance, or other kinds of classified material subject to additional government requirements. So how do governments deal with insider threats? The federal government has established some pretty extensive and detailed policies to keep data safe.

Also known as “bossware” and even “employee surveillance”, employee monitoring has been placed in the bucket of technologies that companies force on their employees. Whatever you call it, its use is on the rise and it looks like it’s here to stay. As of 2022, 60% of companies use some kind of software to monitor employees. General productivity isn’t the only justification for implementing employee monitoring.

The third quarter of 2022 was challenging for government and corporate servers across the globe — we witnessed a 70% increase in data breaches over the second quarter’s numbers. Considering that security lapses are mainly on the shoulders of CISOs, it’s vital to know the instruments for improving their effectiveness. This blog post outlines a white paper written by former Gartner analyst Jonathan Care.