Insider Threat Management

Insider Threat Level September 2019: Insider Threat Awareness Month Edition

Share with your network!

It’s finally time for Insider Threats to get their own awareness month! This month, the US National Counterintelligence and Security Center named September as National Insider Threat Awareness Month, with the goal of spreading the word about this growing, yet often overlooked security threat.

This month’s Insider Threat Level dives into this story and more, including the high-profile criminal trial of ex-Uber engineer Anthony Levandowski, and a study on how most insider incidents go unreported by employees.

U.S. counter-spies launch campaign against 'insider' threats

(Source: Reuters)

Even though all organisations with sensitive data are at risk of Insider Threats, the problem remains under-the-radar relative to other types of security incidents. That’s why in partnership with spy and law enforcement agencies, the US National Counterintelligence and Security Center named September “Insider Threat Awareness Month.” 

Whether they’re malicious or unintentional, Insider Threats can go unnoticed if organisations miss key indicators that trusted employees or contractors are engaged in risky user activity. William Evanina, a former FBI and CIA official who leads the counterintelligence center, called the point of the campaign to “help government and corporate organisations get ahead of the problem by bolstering their Insider Threat programs so they can detect, engage and assist at-risk employees before they go down the wrong path.”

We couldn’t agree more with that mission. The right Insider Threat detection, investigation, and response strategy could mean the difference between containing an incident quickly and letting it become a costly, long-term problem.

What is a trade secret? A key question in the case against Anthony Levandowski 

(Source: The New York Times)

Even though one of the highest profile Insider Threat cases involving former Uber engineer Anthony Levandowski quickly got settled last month, the story is far from over. The case was referred to a federal judge as criminal lawsuit to determine whether Levandowski violated the Economic Espionage Act. Before joining Uber and leaving Google, Levandowski transferred thousands of files about Google’s self-driving car research to his personal laptop. This month, the difficult task of proving that Levandowski intended to inflict economic damage on Google rests on the government. This case could set an important precedent for many criminal Insider Threat cases in the future.

Senior Staff Immune to Insider Threat Finger-Pointing 

(Source: InfoSecurity Magazine)

According to a study from UK-based research firm Red Goat Cyber Security, employees are hesitant to tell security teams if they think their bosses are engaged in Insider Threat-related behaviours. In fact, the study found that anyone inside the employee’s immediate circle is relatively immune to being reported. However, employees were most likely to report suspicious behaviour from new staff (96% of respondents) or contractors (97% of respondents). The survey illustrates the fact that security teams cannot rely on employees alone to detect and report potential Insider Threats -- monitoring a combination of user and data activity is a far more effective strategy.