For businesses, the only thing certain about 2020 is uncertainty. Remote and hybrid work models have broken down the boundaries of the traditional office. With these changes, teams are relying on cloud-based technology, remote access, and virtual computing to get the job done. Many organizations are stretched to do more with less, increasingly leveraging third party contractors and service providers to get their jobs done. All of these factors contribute to the need for insider risk readiness.
Why? Many organizations may not realize that 62% of insiders accidentally cause incidents. These insiders could be anyone with access to sensitive data, such as employees, contractors or supply chain partners. Many unknown factors could contribute to insider risk – not just an employee with malicious intent. Security teams that are set up to protect traditional network perimeters may find their defenses are no longer effective in the new work reality.
That’s why we created the Insider Risk Assessment to help you understand your organization’s maturity. Read on to learn more about how it works.
What is the Insider Threat Assessment?
The Insider Risk Assessment is a five-minute evaluation to check your insider risk readiness and benchmark it against your peers. In it, you’ll answer a set of simple questions to find out how well your organization is set up to:
- Detect malicious insiders, negligent behavior and compromised users
- See if users are undertaking risky actions such as data exfiltration, privilege or application misuse
- Know that your personnel are prepared and trained
- Have the right governance structure, policies and metrics in place
- Balance user privacy with organizational security.
From there, you’ll receive a free plan to improve your insider threat maturity. The plan covers five key areas of insider risk, including:
1. Governance and oversight
Governance and oversight are the foundations for any insider threat program. Many organizations have some governance in place, but may need to review and improve it. The plan you will receive gives tips for improvement in three key areas: people, program and policy.
2. Reporting and metrics
If you can’t measure it, you can’t improve it. That’s true for insider threat management programs, as well. We’ll show you which metrics matter most for both compliance and periodic assessments.
3. Operations
The goal for any mature insider threat management program is continuous improvement. Operationalizing risk controls in these areas can help reinforce the program’s setup efforts:
- Policies to ensure insiders can self-regulate, reinforced through security awareness training
- Processes to track and mitigate insider threat risk
- Technologies to prevent, detect, investigate, respond to, and recover from insider threat behaviors and incidents
- Industry standards to help set benchmarks and identify trends relevant to your industry
4. Detection and monitoring
The longer an incident lingers, the costlier it becomes. According to The Ponemon Institute study cited above, the average incident takes 77 days to contain.
Incidents that take more than 90 days to contain on average cost organizations $13.71 million yearly. Rapid detection mechanisms with real-time alerts on data and user activity can help in this area.
5. Investigation and response
Mature insider threat organizations understand that incident response is key. No matter how proactive an organization is, or how many defenses are installed, there will always be insider threats that slip through. The report walks through top response strategies of sophisticated insider threat programs.
Check your insider risk maturity
With today’s changing workforce dynamics, now is the time to evaluate your organization’s insider risk maturity. After the five-minute assessment, an easy-to-follow insider threat management plan will map out next steps for your people, processes, and technology.
Want to find out more about your insider risk readiness? Take the assessment today!
Subscribe to the Proofpoint Blog