What are the biggest barriers to stopping an intentional Insider?
The 2019 Insider Threat Report
High impact, interactive face to face training to raise awareness of insider threat risks to your organisation. Employees are often cited as being the biggest security weakness in your organisation, we help you turn them into your greatest defence. Our insider threat training program has been developed from ground-breaking research into the psychology and motivations of insiders. We use real cases to illustrate the key principles.
“Insider threat programs are built to defend against Manning and Snowden, but we need to protect against the next threat, the one that hasn’t happened yet..” – USA DoD
The insider threat is a widespread and rapidly growing issue. Studies have shown that shareholders and the public attribute more blame on the organisation when a breach is caused by an insider as opposed to an “outsider”. This training program furnishes your staff with the confidence to challenge and stop insider threats within your organisation before it gets to the breach stage.
- Types of insider threats
- Identifying concerning behaviours and what they could mean
- Threats from contractors and suppliers
- Factors that increase the risk of insiders
- Policies and the individual responsibility to report
- How to report and what information to include
- The benefits of reporting
- Why certain job roles make you a target
- List the different types of insider threat and their motivations;
- Explain the connection between certain behaviours and security;
- Explain the model of intervention and how you can ensure people report suspicious activity;
- List the technological, social and economic trends that lead to an increase in insider threats;
- Explain the importance of reporting and what should be included in a report;
- Identify the “high risk” roles within a company and the risks posed by contractors, partners and suppliers; and
- Explain key defensive measures to implement as part of an insider threat program.
“I often see a post-incident “rush” to categorise the insider threat actor as an isolated case or just a “bad apple”. What is fundamentally missing is an understanding that there is always a correlation between the working environment and behaviour. The environment and culture in a company can increase or decrease the risks of someone becoming an insider” - Lisa Forte