Technology Can Not Diminish Insider Threats By Itself

A trusted insider is more of a therat to the US government than the threat of Russian or Chinese economic espionage 

Insider threats have disclosed and improperly removed troves of sensitive information from government networks that compromise secrets and highly secretive security programs. While various technical and cyber-enabled monitoring tools have been applied to prevent such actions, the intelligence community’s top counter-intelligence officer believes that understanding the human element is most important.

“The mind of the insider threat: That is what I believe to be the critical component of stopping, if we can,” the individual that wants to be nefarious and do malicious behavior, said William Evanina, the national counter-intelligence executive within the Office of the Director of National Intelligence.

Speaking during a recent event hosted by the Intelligence and National Security Alliance, he said monitoring these insider threats is “almost impossible” because the intelligence community, government or private sector are not going to create a draconian environment where they search people on their way in and out. 

The question, then, does not become one of technological solutions, some of which use analytics to monitor certain cyber activity, but rather how to get “left of an event” by identifying the individual and providing a venue to act out. These venues, he said, could be as simple as an employee assistance program, an interview with someone in the security department or a peer consultation.

There are highly capable tools to track keyboard strokes and data, but it will not identify an individual that was passed up for a promotion or the individual going through a divorce or financial difficulties, Evanina said.

“There is no technological monitoring that can detect that.” 

He said there are three categories that are key to understanding and identifying the insider threat: narcissism; Machiavellianism (the ability or a want to manipulate others); and a callous, cold personality. 

The key to success for curbing insider threats will be to marry these three categories by understanding the individual’s mindset and have robust monitoring on the individual's systems and data.

INSA released a white paper outlining behavioral models that can improve the monitoring of insider threats. “Both goals, improving early warning of vulnerability and understanding individual complexity, entail not only defining psychological models but also seeking methodologies and tools that can assist in swift, continuous identification and assessment,” the white paper reads. 

“Most efforts to data have focused on characterising individuals at a specific point in time, during an initial or periodic investigation, but employers now recognise the importance of leveraging innovative technology and data sources to monitor and evaluate individuals on a continuous basis.
 
With the boom in social media, the report notes that leveraging certain tools can help identify certain individuals and personalities at risk for insider threats. These include personality mapping (psycho-linguistics), life-event detection (text analytics) and emotion detection (sentiment analysis). 

C4Isrnet
 

 

You Might Also Read: 

US Intelligence Agencies Fear Insiders As Much As Spies:

Safeguard Data When Employees Leave:

Are Employees Your Weakest Link When It Comes To Security?:

 

 

« Ten Myths About Cybercrime
Cybersecurity Trends For Boards & Directors »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSIRT-CY

CSIRT-CY

CSIRT-CY is the National Computer Security Incident Response Team for Cyprus.

Computer Forensics Consult (CFC)

Computer Forensics Consult (CFC)

Computer Forensics Consult provides disaster recovery, computer forensics, electronic discovery and litigation support services in the growing area of Cyber Security.

CYE

CYE

Utilizing data, numbers, and facts, CYE helps security leaders know what business assets are at risk and execute cost-effective remediation projects for optimal risk prevention.

Parameter Security

Parameter Security

Parameter Security is a provider of ethical hacking and information security services.

BlackhawkNest

BlackhawkNest

Blackhawk is the only cyber security solution on the market that combines network monitoring and incident response into a cohesive appliance.

Sunartek Labs

Sunartek Labs

Sunartek are equipped with expert resources and advanced technology to identify cyber threats and prevent any breach, bypassing the security network of your organization.

R-Tech

R-Tech

R-Tech GmbH manages the digital start-up initiative, whose goal is to build a sustainable start-up culture in the field of digitization throughout the Upper Palatinate district of Bavaria.

evolutionQ

evolutionQ

evolutionQ delivers quantum-risk management strategies and robust cybersecurity tools designed to be safe in an era with quantum computing technologies.

Mage Data

Mage Data

Mage (formerly Mentis Software) is a leading solutions provider for data security and data privacy software for global enterprises.

Mode Solutions

Mode Solutions

Mode guarantee IT performance where you need it most, creating seamless and secure solutions that will alleviate pressure from your business.

BlueSteel Cybersecurity

BlueSteel Cybersecurity

BlueSteel is a compliance consulting firm that leverages deep system, data and application expertise to build sustainable cybersecurity solutions.

VLC Solutions

VLC Solutions

VLC Solutions is an independent solutions and technology service provider offering Cloud Services, Cybersecurity, ERP Services, Network Management Services, and Compliance Solutions.

Allstate Identity Protection

Allstate Identity Protection

Allstate make it easy to provide complete identity protection, so everyone can live more confidently online.

ConvergePoint

ConvergePoint

ConvergePoint is the leading compliance software provider on the Microsoft Office 365 SharePoint platform.

OrbiSky Systems

OrbiSky Systems

OrbiSky Systems is a British tech startup specializing in data management and cybersecurity solutions.

Cloudaeris

Cloudaeris

Cloudaeris is a trusted Microsoft Partner, and we've got what it takes to make your business more efficient and agile.