This article is an excerpt from GovLoop’s recent report, “Insider Threats: Mitigating the Risks at Your Agency.” Download the full report here.
Insider threats rank among the federal government’s gravest challenges. Their proximity to sensitive information endangers agencies even more than external hackers. The potential harm to victims includes corporate espionage, intellectual property theft and undermining national security.
The common trait insider threats have is their access to an agency’s internal data, IT infrastructures and security practices. Such threats include bad actors, mistakes and poorly secured devices with network access.
If you’re concerned about insider threats impacting your agency, GovLoop is here to help. These following best practices will help keep your organization safe from this cybersecurity danger:
1. Reduce Access for Administrators and Other Privileged Users
Hackers frequently target IT and system administrators because of their broad network privileges. Limiting those employees’ access so that they cannot go everywhere reduces their risk to the organization. If they need access to a sensitive system, grant it to them temporarily and track it. Reducing an organization’s number of privileged users also shrinks the potential for insider threat incidents. Fewer privileged users means fewer targets for cyberthreats and opportunities for accidents.
2. Gradually Apply These Tactics to Your Whole Agency
Users don’t need every system opened to them. Granting temporary, as-needed data access avoids insider threat exposure. Agencies should continuously monitor privileged users, however, because of the bigger risk. Contractors, branch office employees and “trusted” partners are additional examples of entities that can morph into insider threats with too much access.
3. Deploy the Right Tools
Using legacy tools to stop insider threats is risky, almost as risky as adding new, complex security features to legacy security infrastructures. A better solution is a platform providing integrated cybersecurity. It uses automation to control user access, monitor changes to critical systems and assets and provide security teams the context they need to spot and disrupt insider threats.
Download the full report now and find out how your agency can use layered security to find, prevent and mitigate insider threats in real-time.