Identifying Insider Threats When Your Employees Are Remote

Insider threats are on the rise, with 69 percent of organizations saying an insider threat directly caused an attempted or successful threat or corruption of data in the last 12 months. The costs of these attacks can be significant, with the Ponemon Institute estimating that the global average insider threat cost is $11.5 million.

Insider threats cover a broad category of cybersecurity incidents. The most commonly thought of category of insider threats includes malicious sharing of information, such as downloading sensitive financial information or intellectual property and sharing with unauthorized parties; however, insider threats can also include an employee or contractor who accidentally misuses their access to affect the organization negatively.

Now in a pandemic world where millions of employees migrated to remote work, the question naturally becomes: How do you identify and mitigate insider threats when employees are working outside the traditional security protections of the corporate network? On top of that, employees are facing increased threats that may force them unintentionally to become insider threat actors, such as phishing attacks.

The first step is to gain visibility into the new attack surface created by remote work, such as new personal devices that employees may now be using to access sensitive corporate assets. IT administrators should monitor how users interact with information to detect initial attack vectors and reinforce that with a business continuity plan. On top of that, network security teams can analyze packet data to determine a new baseline for performance and enable the spotting of anomalies.

While technology can go a long way toward supporting and securing remote work, insider threats ultimately come down to the people themselves. Security awareness training can help ensure employees can spot incoming threats and understand how to implement security best practices. These pieces of training can be tailored to what scenarios employees may encounter in a remote working world.  

While the pandemic will certainly not last forever, the future of remote work is here to stay in some form. Many employees have proven their viability to work from home, opening the door to a more flexible work schedule and location. According to Gartner’s research firm, eighty percent of company leaders plan to let employees work remotely at least part-time after the pandemic is over.

For business leaders, that means the cybersecurity considerations around remote work and insider threats are also here to stay. Having a long-term plan in place to mitigate these threats will help ensure a secure future of work.