Data is only as secure as the people who handle it, and as the strain on employees increasing, mistakes are certain to happen. Whatever the motive, one thing is certain – hybrid workplace introduce new vulnerabilities that can be exploited.
The sudden transition from structured, confined workplaces to remote employment has exposed more sensitive data than ever before. A single employee can connect to many networks, accessing confidential information on unapproved devices, saving sensitive files to personal USB drives and cloud storage, and allowing plenty of opportunity for insider risk or internal threats to go unnoticed. These threats can harm the company’s reputation, cost millions of dollars to rectify, and expose them to a huge liability.
While malicious insiders frequently make news, the majority of enterprise data leaks are unintentional, resulting from end users who fail to follow company security policy or try to get around it.
According to Ponemon Institute’s “2020 Cost of Insider Threats: Global Report”, only 23% of insider incidents were caused malicious insiders last year. Employee or contractor carelessness was responsible for about 62 percent of the incidents. Credential hackers disguised as insiders were responsible for the remaining 14%.
Let’s look at how insider risk has risen significantly in the hybrid workplace and what CISOs and other cybersecurity experts can do to combat it.
A security-first culture
Even the most sophisticated security systems might fail unless all employees believe they are trusted and empowered to protect the company. Businesses should provide relevant training and effectively communicate to their staff about their role in maintaining security, including how to secure information, appropriately classify data, and use the necessary security platforms across their apps and devices.
Employees don’t want to feel like they’re constantly being monitored or that their privacy is being compromised. Individual protection can be built into risk detection technology, ensuring that when employees log off for the day, their corporate device’s signal detection shuts down as well. Businesses should take initiatives to facilitate collaboration and productivity while guaranteeing the security of intelligence.
Promote holistic solutions
In order to gain insight into additional potential data sieves, organizations should have a complete picture of all the places where people work – in the cloud, on premises, within browsers, and across first- and third-party apps and collaboration services.
The most effective systems use analytics and machine learning to correlate and assess signal sequences and uncover potential threats, allowing IT security teams to swiftly take action or examine further and escalate as needed. Additionally, companies need to consider risk-alerting systems that use pseudonymization and robust access controls to protect employee privacy.
Another important factor is collaboration across departments like IT, human resources and legal. Enterprises can perform safety measures in the background while maintaining workflows for end users with the right tools and assistance from the relevant teams.
Visibility into insights and behaviors
Businesses that have a better visibility into behaviors and insights have a far better understanding of potential threats. When presented with a problem, it permits leaders to remain calm, preventing uninformed or impulsive reactions and allowing them to take appropriate measures to protect their organization. This level of control ensures that everything runs smoothly and safely.
For more such updates follow us on Google News ITsecuritywire News.