The Changing Nature of the Insider ThreatJoseph Blankenship of Forrester Describes Efforts to Enlist Insiders for Fraud
Cybercriminals and nation-states are attempting to recruit insiders at companies around the world to help steal credentials and intellectual property, says Joseph Blankenship, vice president and research director at Forrester, who offers risk mitigation insights.
Many companies "don't actually understand sometimes what the real risk is to their business, to their intellectual property and the way that they run their business," he says, commenting on the insider threat.
"Understand if you've got any geopolitical risk to your business," he advises, pointing out that, in many cases, outsiders try to infiltrate insiders, either through social engineering, bribery, threats or blackmail. "So understand that risk environment, and then you can start building your plan."
In a video interview with Information Security Media Group, Blankenship discusses:
- How organizations have changed their approach to monitoring and deterring bad insider behavior since the shift to remote working;
- How to avoid adverse effects from taking the wrong approach to managing insider threats;
- How malicious insiders use the dark web to sell company data and what organizations can do to protect sensitive data from insider theft.
Blankenship, vice president, research director, security and risk at Forrester, helps clients develop security strategies and make informed decisions to protect against risk. He covers security infrastructure and operations, including tools for the security operations center, such as SIEM; security analytics; and security automation and orchestration, or SAO.