Introduction
Ping Identity’s CISO Advisory Council is comprised of CISOs and security leaders from enterprise organizations, including: Chris Gullett, VP of Information Security for Allegiant Air; Krizi Trivisani, CISO for American Red Cross; Diane Ball, CISO for BCBS Tennessee; Harshal Mehta, CISO for Carlson Wagonlit; Karl Mattson, CISO for City National Bank; Sam Masiello, CISO for Gates Corporation; Michael Strong, CISO for GCI; Rich Gay, CISO for PowerSchool Group LLC; Mark Freed, CISO for TechnipFMC; Adrian Mayers, CISO for Vertafore; and Greig Arnold, CISO for Vista Consulting Group.
Insider threats are a well-known problem—and one that few enterprises are immune to. An Insider Threat Report from Crowd Research Partners found that 90% of organizations feel vulnerable to insider attacks, while 53% confirmed they’d experienced insider attacks against their organizations in the previous 12 months.¹
Unfortunately, detecting insider attacks in time to minimize their impact grows more complex every day. Because insiders can be anyone who at some point was granted access to sensitive systems and data, the potential attack surface is broad. This means that current and former employees, as well as business partners and contractors, represent potential vulnerabilities.
34% of attacks involve inside actors.²
Expansion of the insider threat surface is further driven by digital transformation initiatives, which increasingly provide access to sensitive information across resources deployed inside and outside the corporate data center. Adding to the complexity, the threats you face can come in many forms and with varying degrees of impact, from the incidental and innocent to the well-planned and malicious.
While building an effective insider threat program might feel like a daunting task for those who have yet to do it, you’ll find four simple steps to get you off on the right foot in the pages that follow. Even if you already have an insider threat program in place, you can reference this paper when reviewing your current program to determine if updates or additions may be worthwhile.