The COVID-19 pandemic forced many organizations to shift to remote work, creating new challenges for cybersecurity professionals. One of the biggest concerns is the threat of insider attacks, which can be difficult to detect and prevent when employees are working from home.
In episode 3 of our Security Leaders Perspectives series, industry experts Tom Kartanowicz, Lamont Orange, and Michael Orozco discussed the challenges of insider threats and how organizations can minimize the risks. They emphasized the importance of employee engagement and education, as well as the need for new technologies and concepts like Zero Trust.
Insider Threats in Remote Work: Risks and Mitigation Strategies
According to Lamont Orange, CISO at Netskope, the insider threat profile today includes everyone who is working from home. Employees with access to sensitive data may be photographing it with their phones or letting it traverse their home networks, creating exposure that bad actors can exploit. To counter this, Orange suggests applying zero trust concepts: bring the right amount of security to the right amount of data for the right user at the right time.
“Our insider threat profile today is everybody sitting at home, you know, what are they doing? We have to give them access to be able to do work. We can’t see them taking pictures of it with their phone. We can’t see the information that maybe traverses their home network getting into our network.” – Lamont Orange
Importance of Employee Engagement and Just-In-Time Education in Cybersecurity Awareness
Tom Kartanowicz, Regional CISO, Global Financial Services, emphasizes the need for better engagement with employees, including soul-searching to ensure that the organization’s brand is aligned with its internal values. He also suggests explaining the risks and controls to employees and using senior management buy-in to set the tone for cybersecurity awareness.
“I think you could have better engagement of the employees, do a little soul searching internally with how your brand is really internally and try to make things easier and try to explain what’s available to the employees.” – Tom Kartanowicz
Another important step is to improve employee awareness and practices by moving away from “death by PowerPoint” and making cybersecurity awareness a team sport. Orange suggests testing employees with “just-in-time” education and implementing speed bumps for those who access sensitive components.
“You’ll hear many leaders say we phish test our organization. And, you know, that’s absolutely required. I think that that should be done. But there’s other things you can do around just-in-time education.” – Lamont Orange
Artificial Intelligence and Insider Threats
Finally, the experts discussed the role of artificial intelligence in insider threats. Orange suggests that AI and machine learning can be used to defend organizations against attacks, just as bad actors are using these technologies to attack us.
“The use of artificial intelligence and insider threats, I think they go hand in hand because, again, we have to work smarter as security professionals to protect our organizations and just as the bad actors are now using AI and machine learning to attack us, we also have to use it to defend us.” – Lamont Orange
In conclusion, insider threats and employee risk are a major concern in the age of remote work. Organizations must engage employees, educate them about the risks, and adopt new technologies and concepts such as Zero Trust to keep those risks to a minimum. By working together and staying vigilant, cybersecurity professionals can help protect their organizations from insider threats and other cybersecurity risks.
“Underlying all of this, no matter what you do, have senior management buy-in. So, they set the tone at the top. They should be the ones sponsoring your program, putting out occasional newsletters, putting out occasional reminders, and then when they have their committees, they talk to their direct reports, have them inject a cybersecurity awareness tip in there.” – Tom Kartanowicz