Insider Risk Management
While the entirety of risk management is undoubtedly now more complicated, Insider Risk in particular continues to be one of the most difficult to detect and reduce.
CISA defines insider threat as the threat that an insider will use their authorized access, intentionally or unintentionally, to do harm to the department’s mission, resources, personnel, facilities, information, equipment, networks, or systems.
The most recent example and very significant “Insider” breach occurred earlier this week, when a 21-year-old (age as a risk?) Air national guard technology support staffer was arrested following a series of reports identifying him as the leader of a group on gamer site Discord, where documents with significant intelligence on adversaries as well as allies were posted in recent months before spilling over onto other social media sites.
Jack Teixeira, was in a relatively low-ranking position, but one that still came with access to the Pentagon’s Joint Worldwide Intelligence Communications System (JWICS)
Has insider risk been identified as one of your risk sources and how is it being mitigated, monitored and surveiled in your organization?
If not now, then when?
Keep your friends closer but your “employees” closer? (my words/question)