Who should be on an insider risk team?

Catching an insider taking confidential information doesn't happen by chance, and policies and procedures must be in place to know what to do when an insider is caught.

eliminate insider threats 1
Thinkstock

Left to chance, unless you happen to bump into someone leaving the building with a box full of documents, you might never catch an insider red-handed. That is where an insider risk team comes in — group of employees from various departments who have created policies that create a system to notice if those confidential items have left the building.

“Insider risk is a real cybersecurity challenge. When a security professional or executive gets that call that there’s suspicious activity — and it looks like it’s someone on the inside who turned rogue — the organization needs to have the right policies and playbooks, technologies, and right team ready to go,” said Rinki Sethi, senior director of information security at Palo Alto Networks.

Steve Mancini, senior director of information security at Cylance, takes the disgruntled employee's point of view, indicating that they need to be provided outlets and recourse for their grievances before miscreant actions occur. “Fellow employees and managers need to be trained to spot the signs of disgruntled employees and given channels to report concerns in a manner that does not judge the potentially disgruntled employee, but instead put the right people in their path to help them resolve whatever grievance they have before it escalates.”

To continue reading this article register now

Survey says! Share your insights in our 2020 CIO Tech Poll.