The second annual National Insider Threat Awareness Month (NITAM) has been kicked off frequently, and assistance is being provided being made available to emphasize the importance of tackling insider threats.
This event is a group project produced by NITAM and a number of U.S. government agencies such as:
- National Counterintelligence and Security Center (NCSC)
- Office of the Under Secretary of Defense Intelligence and Security (USD(I&S))
- National Insider Threat Task Force (NITTF)
- Department of Homeland Security (DHS)
- Defense Counterintelligence and Security Agency (DCSA).
The event was planned in 2019 in order increase awareness of the risks posed by insiders and to encourage groups take those risks.
A lot of focus is typically placed on keeping organizations safe from external attacks. However it is just as important to ensure that you are 100% safe from internal attacks. This could mean a member of staff, former member of staff, external contract, intern or anyone with access to your database accidentally or deliberately decided to do something that impacts the business. In most cases this will involve stealing financial data, intellectual property or private data data.
The best way to counter the threat posed by insider attacks, or anything involving unauthorized access and malicious acts, you should show your staff how to spot internal attacks and suspicious behavior/activities. The best way to assist your staff in this is to give some detail on gathering and reviewing data so as to spot attacks swiftly. Due to the current COVID19 pandemic has increased the importance of addressing this issue as so many people are not remote working and much more exposed to different kinds of attack, espionage, unauthorized disclosures, fraud, and data theft. For this reason alone it is crucial that you formulate you cybersecurity as quickly as possible, if you have not done so already.
NITAM 2020 will provide lots of information that will help your organization tackle internal attacks using education of the workforce, spotting and addressing insider threats and bolstering your cybersecurity measures.
In addition to this, the DHS Cybersecurity and Infrastructure Security Agency (CISA) will be making available resources that can be implemented by healthcare groups to enhance secutiry and prevent threats posed by insider threats.