The Lawyer | 14 November 2016 5
Risk strategy
BRIEFING: Security
Unsurprisingly, Insider Threat is an unpalatable topic for most businesses, as the natural tendency is to assume that our colleagues do not wish to cause the organisation harm. While this may have been the case historically, digital innovation and the interconnected world expose tangible and intangible assets in a way never experienced before.

Numerous incidents of employees causing harm from within have been recorded, ranging from the theft of intellectual property, the compromise of trade secrets and the misappropriation of financial assets to technology sabotage and beyond. Of these incidents, some have been deemed accidental while others have been intentional and attributed to full-time members of staff. In fact, the UK Centre for the Protection of National Infrastructure conducted research in 2013 and found that an Insider act was 88 per cent more likely to be carried out by a headcount member of staff, citing the two most frequent types of Insider activity as unauthorised disclosure of sensitive information (47 per cent) and process corruption (42 per cent). Indeed, the EU Agency for Network and Information Security reported in August this year that the most expensive attacks are those orchestrated by an Insider, and this appears to be accurate considering that the estimated cost of intellectual property and trade secret compromise, according to the Detica Report on the Cost of Cybercrime in 2011, is £9.2bn per year. With meaningful, peer-reviewed data becoming available regarding the theft, compromise and loss of organisations' crown jewels, there is arguably a greater requirement than ever for business leaders to mitigate Insider Threat as part of their enterprise risk strategy, to secure their market reputation, protect their brand and remain competitive.
The cost
Protection of assets should not be cost-prohibitive. There is a balance between business enablement and business protection. Consideration of the threat posed to an enterprise's crown jewels is based on knowing what they are and who has access. Whether digital or physical, trade secrets are hugely valuable and must be protected from internal compromise, particularly as they have no dedicated protection in criminal law in many jurisdictions.

Insider Threat is not a technology problem; while systems may be used to compromise or steal, the risk is a business issue, and so to appreciate other mitigation strategies we need to consider how threat is calculated and its relationship to risk scoring methodology.

The severity of threat is calculated from the relationship between the intent of the individual to cause harm and their capability to do so. The challenge is one of control. Once emails and documents leave the environment, the organisation no longer has control over how they are used. Now consider that the organisation has so many incidents of accidental behaviour that the task of identifying the nefarious actors among them becomes too great. This is where we consider the relationship between threat and risk. When considering risk, practitioners would take the threat score and look at the likelihood that the threat can occur and what harm would be caused if it did. To conduct an objective assessment of risk from an Insider act, an organisation needs a clear picture of its control environment; in essence, a maturity assessment of its controls landscape through an Insider Risk lens.
To establish whether your business is exposed, consider the following:

• Does senior leadership endorse and develop policies that address the risk of Insider Threat?
• Does your organisation leverage information security and corporate security programmes to identify and understand critical assets?
• Are analytical platforms used to detect possible Insider Threats?
• Is screening of employees and vendors performed regularly, especially personnel who have access to critical assets?
• Are there clearly defined consequence management processes so all incidents are handled following uniform standards?
• Is there a training curriculum to generate awareness about Insider Threats and the related risks?
Assessing the status of an organisation's risk from an Insider act in relation to the compromise of intellectual property and trade secrets will provide knowledge of which controls need to be deployed or reviewed. A risk-based approach will also ensure cost-effectiveness. Monitoring data flow in an automated and anonymous way, in parallel with robust security protocols, will minimise the likelihood of crown jewels being lost, ultimately protecting the organisation's pipeline and competitiveness while meeting regulatory and data privacy requirements.
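One way to make the "automated and anonymous" monitoring of data flow concrete, as an added example that is not part of the original article or EY's methodology: outbound-document events are aggregated under keyed pseudonyms (HMAC-SHA256), so analysts see volume outliers without seeing names, and only a key custodian can re-identify a flagged account when the consequence management process calls for it. The log format, sample rows, key and threshold are constructed assumptions.

```python
"""
Pseudonymised egress monitoring: example code added for illustration,
not the author's or EY's method. The CSV log format, the sample events,
the key value and the outlier threshold are all constructed assumptions.
"""
import hashlib
import hmac
import statistics
from collections import defaultdict

# Constructed sample of outbound-document events: user, destination, bytes.
SAMPLE_EGRESS_LOG = """\
alice@corp.example,partner.example,120000
bob@corp.example,personal-mail.example,4000
alice@corp.example,partner.example,98000
carol@corp.example,personal-mail.example,9800000
carol@corp.example,file-share.example,7200000
bob@corp.example,partner.example,15000
dave@corp.example,partner.example,22000
carol@corp.example,personal-mail.example,6500000
"""

# Constructed placeholder. In practice the key is held by a separate
# custodian (e.g. HR or legal), never by the analysts who view the output.
PSEUDONYM_KEY = b"placeholder-key-held-by-custodian"


def pseudonymise(user, key=PSEUDONYM_KEY):
    """Keyed hash of the identity: stable for grouping, but analysts cannot
    reverse it or brute-force it from a staff directory without the key."""
    return hmac.new(key, user.lower().encode(), hashlib.sha256).hexdigest()[:12]


def parse_log(text):
    """Parse the constructed CSV format into (user, destination, bytes) rows."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        user, dest, size = line.split(",")
        rows.append((user.strip(), dest.strip(), int(size)))
    return rows


def egress_totals(rows):
    """Total bytes leaving the environment, keyed by pseudonym rather than name."""
    totals = defaultdict(int)
    for user, _dest, size in rows:
        totals[pseudonymise(user)] += size
    return dict(totals)


def flag_outliers(totals, factor=3.0):
    """Return pseudonyms whose total exceeds factor x the population median.
    The median is used so that one very large transfer cannot drag the
    baseline up and hide itself, as it would with a mean."""
    if len(totals) < 2:
        return []
    baseline = statistics.median(totals.values())
    return sorted(p for p, t in totals.items() if t > factor * baseline)


def reidentify(pseudonym, directory, key=PSEUDONYM_KEY):
    """Custodian-side step only: resolve a flagged pseudonym to a user once
    the consequence management process has authorised the lookup."""
    for user in directory:
        if hmac.compare_digest(pseudonymise(user, key), pseudonym):
            return user
    return None
```

Running the pipeline over the sample flags only the single pseudonym whose 23.5 MB outbound total stands far above the population median, while the two accidental-looking small transfers to personal mail are left alone.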
EY, 1 More London Place, London SE1 2A
Tel: +44 (0)207 951 2000
E-mail: rfell@uk.ey.com
Web: www.ey.com

Understanding the Insider Threat to your organisation
In the digital age organisations must learn to protect their assets from theft, sabotage and compromise – even by their own employees
By Rowena Fell, director, fraud investigation & dispute services, EY
