- Spread the knowledge: Small- and medium-sized businesses are typically working with a
strained budget and limited resources, so a fully dedicated insider threat team – while ideal – isn’t
always realistic. While your security and IT team should be able to handle the monitoring,
detection and remediation responsibilities, they shouldn’t have to shoulder the full burden.
Educating and training your stakeholders on the full scope of the insider threat program will prove
critical so that they have a clearer understanding of what’s being monitored, specific case triggers,
key workflows, rules of engagement and the tools needed to accomplish all of this. This training
should also clearly define roles and responsibilities in the event of a triggered workflow. - Open the lines of communication: In order to maintain a healthy working relationship between
your employees and your security/IT teams, it’s critical to communicate that your organization
tracks file activity. Reiterate that the program is applicable to everyone – without privileges or
exceptions – and is designed to maintain employee productivity, while protecting the
organization’s most valuable assets – its data. - Start now before it’s too late: The most successful insider threat program starts long before a
trigger. A trigger event shouldn’t be the reason why you’re implementing your monitoring,
detection and remediation technologies. A strong insider threat program continuously runs and
provides context and complete visibility into all data activity at all times.
The industry needs to stop seeing insider threats as “employees stealing stuff” when in reality, it’s about
the actions (good, bad, indifferent) that people take with any kind of data that puts the customers,
employees, partner or company’s well-being at risk. Initiating an insider threat program with a simpler,
workflow-based starting point around three to four high-risk triggers can effectively address 80 percent
or more of your risks to insider threat.
About the Author
As vice president of portfolio marketing at Code42, Mark leads the
market research, competitive intelligence and product marketing
teams. Mark joined Code42 in 2016 bringing more than 20 years of
B2B data storage, cloud and data security experience with him,
including several roles in marketing and product management at
Seagate.