Defenses for outsider threats are easier to visualize; a hardened perimeter, strong authentication, and monitoring for unusual activity seem logical if you’re trying to “keep the bad guys out." Insider threats are viewed as more difficult to detect and defend against. Here, the focus tends towards access control, authorization, and (often) device control. Inside attackers are typically trusted users, outsider attackers can be individuals or, increasingly, malware.
If your goal is to protect your data from misuse or exfiltration, does it really matter whether the attacker is inside or outside your organization? In either case, there is an attempt to use or move data in a way that should not be allowed. The best defense must consider the worst-case scenario: an attack by a user, or someone posing as a user, with legitimate access to the data. This could be a system administrator, a senior executive, an engineer or, to extend this to common outsider (cyber) threats, a “user” could also be legitimate or malicious software.
This sounds like a massive challenge. However, by focusing on securing the data itself, multiple attack vectors are addressed. Data that carries security with it will prevent unauthorized use, whether the attack is from inside or outside the organization. It will recognize legitimate actions by other systems and prevent unknown or unauthorized applications from copying or moving data offsite. It will automatically encrypt sensitive data that leaves the internal network (when allowed) and block actions that put data at risk.
The outsider attack is a serious threat. However, if you can protect data from a determined, malicious insider, defending against many outside attacks comes for free.
Data-Centric Security: Why You Need it, How to Get Started
Forrester VP and Principal Analyst John Kindervag explains the fundamentals of a data-centric security approach, why you need it, and how to get started. Watch the webinar on demand.
Related ArticlesYour Weakest Link May Not be Your Employees After All - Securing Your Data Supply Chain
Securing only your employees isn't enough to keep your data safe today - businesses must extend security measures across their entire data supply chain.The Role of Security Analytics in Information Security Programs
18 infosec pros and analytics experts reveal the role of security analytics in information security programs today.How to Protect Sensitive Data without Having to Guess the Next Attack Vector
Focusing on data for effective and sustainable protection