Forrester researchers predict that the remote-workforce trend will drive a steep rise in insider threats. The report says, insider threats are already responsible for 25 percent of data breaches and in 2021 that percentage is expected to jump to 33 percent. While “regular” insiders may turn malicious for a variety of reasons but 2021 can expect to see threats emerge from unexpected sources.
Insider threat prevention best practices are continually evolving as the nature of threats evolves. While nothing is ever foolproof, federal agencies such as NIST, National Insider Threat Task Force and other insider threat guidance sources indicate that when properly implemented, an insider threat mitigation strategy can act as a powerful combatant to insider threats. NIST provides a mapping of risk-based security controls which can help organizations create a blueprint for an insider threat program.
Key takeaways include:
- Aligning human behavior to an insider threat using user and entity behavior analytics (UEBA)
- Developing a data-driven approach to insider threat
- Creating a policy-driven insider threat mitigation program with Zero Trust