At DTX, we’re always on the hunt for the next great piece of insight.
So, when listening to Exabeam’s New CISO podcast on tackling insider threats with Jeff Schilling, Global CISO for Teleperformance, we knew we had to share our key takeaways.
#1 Security teams can be a victim of their own success. As teams build and operate highly effective security estates, threat actors need to be increasingly creative to find gaps to exploit. Raising the bar to entry has not stopped threat actors in their tracks, instead they are looking for more inventive ways to test security teams and breach enterprises.
#2 Securing against insider threats needs to be a concern right from the start. Some may see insider threat protection as a later phase of the security roadmap, after a certain level of maturity is reached. Schilling is adamant that it needs to be a high priority from early on, with a baseline protection in place and then incremental improvement the goal.
#3 If you want to secure a global workforce, you have to make a global security culture strategy. It can be overlooked that what works for one region may be a detriment to another. If CISOs want to ensure that security culture lands across the globe, they need to map cultural differences in ways of working and adjust plans and messages accordingly.
#4 Make sure you’re driving round your digital trash truck. Every enterprise has noisy alerts or false alarms, but too often analysts lose critical time resolving the same issues. There needs to be a system in place to retire, silence or get rid of alerts that are cluttering up the work queue. This is essential if you want to give your teams the ability to pursue the harder task of insider threat anomaly detection.
As Schilling puts it, “the greater the defensive capability, the more likely the adversary will need to become an insider”. With defenses becoming stronger, humans will always remain the most complex element to secure. In light of rising financial pressures, company restructures and recession on the horizon, we may see a spike in insider threats in the near future. If companies want to remain secure, now is the time to build policies, processes and a plan of action.
If you want to hear from Exabeam and other DTX experts on how to guard against insider threats, you can join us at our next London event on the 4th-5th October. Find out more here.