I enjoyed this linked article from our friends at Digital Journal, across the pond, and thought I’d share my thoughts on the 3 Organizational Insiders they addressed so well.
I spend many days talking about Insider Threats and Economic Espionage with small and large organizations. When you talk with folks outside of IT, they seem to have a good grasp that it’s a people problem.
However, the reality is that in many organizations, the IT department is the “lead” in addressing Insider Threats. And, with no slight intended, they are almost always focused on installing a piece of equipment on their network, either on the server or at an endpoint….. Or both and every more!
I’m not going to argue that IT should or shouldn’t be an organizations Insider Threat “lead”, but other departments MUST have a seat at the table. Simply because it’s the people stealing data and the IT infrastructure is just one of the means they use. Also, Insider Threat encompasses more than just theft of IP or Sensitive Client/Employee Data….. Workplace Violence and employee conduct/bullying are often the most publicized types of events caused by an Insider Threat.
Along with our Partner, Carnegie Mellon University’s SEI CERT Insider Threat Center, Quortum works with company leaders to first assess your organizations current posture to identify and mitigate insider threats. We then work with all employee-facing departments to develop a comprehensive “all hands on deck” process to best position them to work together to protect their organization. Our processes, procedures and practices are based on over 20 years of Insider Threat experience, both in the Information Technology and the Human Capital Management arenas.
Our Team of Insider Threat Program Managers are available to discuss your needs and help you determine the best course for your success. Please give us a call at 571-429-1517 or use our easy contact form and we’ll get back to you the next business day.