A naukri.com initiative
Sentinelone
4d
303
Image Credit: Sentinelone
Insider Risk Revisited: Espionage, Encryption & Economics
- Recent incidents in the private sector and U.S. government have exposed weaknesses in trust, access, and oversight, emphasizing the ongoing threat of insider activity.
- The Rippling-Deel case involved corporate espionage through an insider leaking confidential documents using encrypted messaging and disappearing messages.
- In the U.S. government's Signalgate incident, sensitive operational details were unintentionally disclosed on a consumer encrypted messaging app.
- Both cases underscore the risks of relying on encrypted tools without proper governance, creating blind spots in organizational security.
- Insider tactics include using encrypted messaging apps, ephemeral messages, cryptocurrency payments, personal devices, and shell companies.
- Economic uncertainties are amplifying insider risks, with financially motivated insider activities becoming more prevalent in shifting economic landscapes.
- To mitigate insider threats, organizations need to govern encrypted communications, enhance detection capabilities, and adapt to economic and geographic stress factors.
- Insider risk is a persistent threat that organizations must acknowledge, and they need to adjust their controls, culture, and strategies accordingly to combat it effectively.
- It is crucial for organizations to treat insider threats seriously, establish robust communication policies, enhance detection mechanisms, and adapt to evolving risk factors.
- These incidents highlight the importance of implementing proactive measures to mitigate insider risk and bolster security against potential threats.
- Organizations must stay vigilant, continuously reassess their security protocols, and adapt to the evolving landscape of insider threats to safeguard their sensitive information.
Read Full Article
18 Likes
For uninterrupted reading, download the app