Insider Risk Self-Assessment Tool Released by CISA

Public and private sector organizations are being targeted by threat groups looking to gain access to their networks and sensitive data, but not all threats are external. Steps must also be taken to protect against insider threats, which can be just as harmful.

Insiders pose a serious threat to any organization. Malicious insiders have the advantage of institutional knowledge and of being trusted with access to sensitive data and resources. An insider could cause significant harm to an organization through the theft of sensitive data, the disclosure of intellectual property to competitors, or the sabotage of IT systems. Insider threats could cause damage to the reputation of an organization, loss of revenue, reduced market share and, in some cases, physical harm to people. Insider threats include current and former employees, contractors, or any other individual with inside knowledge about an organization, such as a business partner.

To help organizations determine how vulnerable they are to insider threats, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has developed a new Insider Risk Mitigation Self-Assessment Tool. The tool consists of a series of questions on what is required to create and maintain an insider risk management program, the level of insider risk awareness among employees, the training provided to the workforce, and the nature of insider threats faced by an organization. The tool is intended to help organizations implement and maintain an effective insider risk management program and accelerate that process as far as possible.

“While security efforts often focus on external threats, often the biggest threat can be found inside the organization,” said CISA Executive Assistant Director for Infrastructure Security David Mussington. “CISA urges all our partners, especially small and medium businesses who may have limited resources, to use this new tool to develop a plan to guard against insider threats. Taking some small steps today can make a big difference in preventing or mitigating the consequences of an insider threat in the future.”

Author: Richard Anderson

Richard Anderson is the Editor-in-Chief of NetSec.news