Originally published on Federal Blue Print
The Information Sharing Environment (ISE) recently issued a report that highlighted how many federal agencies are currently challenged when it comes to dealing with insider threats.
Forty four percent of 39 agencies surveyed reported that they had not yet met the minimum standards required for an effective insider threat program.
According to the ICE’s 2013 annual report to Congress, these standards include the ability to gather, integrate and centrally analyze and respond to key threat-related information. It also involves monitoring employee use of classified networks and insider threat training for agency employees.
As we recently highlighted in a podcast interview with Brian Contos, VP & CISO of Blue Coat’s Advanced Threat Protection Group, government agencies need to consider many variables when it comes to dealing with people who do nefarious things with their access to trusted networks.
Contos discussed how insider threats are often greatly under reported because of the multiple channels for gaining access to information – whether through the cloud or through mobile access to data. In addition, breaches occur from both the careless insider who is unaware of his or her activity or from a malicious source.
In addition, insider threats can come from anyone with elevated trust, which can include employees, contractors, partners, visitors and consultants. This makes it even more challenging to both mitigate risk and deal with investigations after a breach has occurred.
One of the biggest challenges with dealing with insider threats is the human element. The main motivation for breaching trusted systems comes down to money, but it can also come from someone who is seeking revenge.
Be sure to stay tuned for the second part of our podcast with Contos where he discusses the key technical steps that federal agencies can take to more effectively deal with insider threats.