Despite significant cybersecurity investments, the record number of new breaches are proof we cannot solve our security problems by adding more technology. Simply increasing your security budget won't prevent data breaches stemming from accidental, compromised and malicious insiders.
Build an Insider Threat Program around 3 pillars:
- People - Identify insider threat problem , Build Legal/HR coalition, IS policy & strategy review
- Technology - Define requirements and used cases , Risk Assessment and Prove theory
- Process - Learn normal behavior, Identifier outliers, Risk scoring - threat vs. asset