The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Education, Awareness at the Center of U.S.' First Insider Threat Month

by Chris Brook on Thursday September 12, 2019

Contact Us
Free Demo
Chat

Federal agencies are spreading awareness around the threats insiders can pose to both governments and companies this month.

While the concept of the insider threat isn't new by any measure, it's certainly not going away anytime soon.

The fact that the Department of Defense, with an assist from a handful of other federal agencies, have dubbed September Insider Threat Awareness Month says a lot about the state of data security in 2019, hinting the problem is persistent as ever.

The National Counterintelligence and Security Center (NCSC) and the National Insider Threat Task Force (NITTF) - a group that works under the Attorney General and the Director of National Intelligence - announced the news earlier this month.

According to the NCSC, the aim of dedicating an entire month to insider threats is to better inform users, including federal employees and private sector stakeholders, about the risks posed by insider threats but also to better inform employees about some of the tell-tale signs of malicious insider activity, anomalous actions, that can foreshadow and potentially stop a compromise.

“All organizations are vulnerable to insider threats from employees who may use their authorized access to facilities, personnel or information to harm their organizations -- intentionally or unintentionally,” NCSC Director William Evanina said, “The harm can range from negligence, such as failing to secure data or clicking on a spear-phishing link, to malicious activities like theft, sabotage, espionage, unauthorized disclosure of classified information or even violence.”

The month isn't designed to solely sniff out potential cyberattacks or the disclosure of data; it's also to escalate awareness of some of the indicators around when employees could be prone to carrying out violence or physical crimes.

"Workplace vigilance is the key to early detection of potential insider threats," Dr. Brad Millick, the director of the DoD's counter-insider threat program said earlier this month. "We want to provide employees with the knowledge to identify warning signs and the ability to report concerning behaviors or indicators."

In a report released alongside the month's announcement, the Office of the Director of National Intelligence also cited recent incidents involving betrayal, theft of intellectual property, the unauthorized disclosure of information, and cyberattacks as threats to both the government and business.

The last 12 to 24 months have been marked by stories of employees leaving a company - but not before squirreling away some of its sensitive data, usually in an attempt to give them a leg up at their next job.

Last summer saw headlines around how former employees at Apple and Tesla were arrested under suspicions they stole intellectual property, specifically information on self-driving car technology.

Last month we learned that Anthony Scott Levandowski, a former executive at Google, now faces 33 counts of stealing and attempting to steal proprietary information from the company, prior to joining Uber. Uber and Waymo settled when the two went to court last year but the fact that Levandowski was indicted suggests he could actually face jail time for his actions.

Just this week, a payroll company in New York, MyPayrollHR, shuttered following sudden and mysterious actions believed to have been taken by its CEO, who is no longer returning phone calls.

While it can be argued that it shouldn't take a special, branded month to warn about insider threats - especially given how pervasive they've been lately - bringing a hightened visibility to the dangers associated with threats that can come from within a trusted network, certainly isn't a bad thing.

Tags: Insider Threat

Recommended Resources


  • Why Data Classification is Foundational
  • How to Classify Your Data
  • Selling Data Classification to the Business
  • The Five Stages of Threat Hunting
  • A Proactive Approach to Threat Hunting
  • Expert Tips

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.