New research from market analyst Forrester indicates that insider threat will rise considerably in 2021.
The research predicts that insider incidents will account for at least 1 out of every 3 data breaches.
The report states, “In 2021, we will begin to see contours of the new economic, social, and cultural orders forged in the crucible of the COVID-19 pandemic.”
Forrester's report essentially combines three factors that lead it to expect an increase in insider incidents:
• More and more staff working remotely. This often happens in situations where the usual security measures and controls aren't tailored to this new reality.
• Employees feeling the brunt of increased job insecurity and coming to believe, rightly or wrongly, that their company isn't actually protecting them during this crisis but is laying off colleagues while looking only at savings and minimizing costs.
• Disaffected employees having easier access to company data and feeling mistreated.
From the report: “Leading CISOs will put a greater focus on insider threat defense while emphasizing improved employee experience — not treating users like machines — to avoid turning employees into malicious insiders. Considerations for employees’ privacy, company culture, and local standards for lawful, fair, and acceptable labor practices are key to the success of your insider threat program.”
CISOs need to realize that the battlefield of insider threat has moved onto open ground, and that ground happens to be off-network and off-VPN. In this new world, data security simply has to keep pace with the way people work. Incidentally, GDPR already mandates that data (personal data, in GDPR's case) shall only be accessed by a restricted pool and on a 'need-to-know' basis. Raise your hand if you can say with confidence that all your data processes are monitored this strictly.
Last, your people are scared, both of getting sick with COVID-19 and of losing their jobs. How a company deals with this will be a crucial factor in creating goodwill and reducing the likelihood of turning a reliable employee into a mistreated, wounded, and offended individual who can turn malicious.
Protecting an organization from insider threat during a pandemic is not just about the tech, and not just about revenue. It is just as much a matter of people, empathy, and partnership. Simple measures that companies take during this time to remind employees of their value with actions, rather than with nice but empty words, can be in the best corporate interest.
In this new scenario:
• Use connectivity solutions such as VPNs or Zero Trust Network Access (ZTNA)
• Apply Zero Trust controls to sensitive data and systems in order to control and monitor access
• Educate users about safe and appropriate data handling in a remote setting
• Don't rely only on user behavior monitoring tools that no longer reflect the actual environment users are working in
And so, treat them well; don't be petty or be perceived as such. Your staff are precious.
Plan to remote-wipe the data and allow the user to keep the device as part of their severance. Don't threaten financial penalties: that will help to build goodwill and prepare that user for their career journey.