
INSIDE or OUTSIDE: Where's the Bigger Threat?


By Balaji Ramanujam, CIO and SVP for Products, ASI Government

Balaji Ramanujam is Chief Information Officer (CIO) and Senior Vice President of the Products Division for ASI Government.

If there is one safe statement in cyber security, it is that external threats and system hacks – think Russia and a host of other accused countries and foreign interests – get wider media coverage than insider threats. This leaves most of us imagining that there is more external threat activity than there are blow-ups from malicious insiders and inadvertent actors.
What if the combination of malicious insiders and inadvertent actors is a higher threat than from external sources? A review of scholarly publications suggests this could be true.
For example, the 2015 IBM X-Force Threat Intelligence Quarterly (second quarter) addresses three distinct threat categories: Outsiders, Malicious Insiders and Inadvertent Actors. Malicious Insiders and Inadvertent Actors, who could very well be insiders as well, total 55 percent of the bad guys!
As we become more aware of this growing threat, how should CIOs and CISOs respond to keep the systems, and thereby the country, safe? As a quick thought, aren’t we all glad that IM clients like Google Chat have moved to the browser and away from client installs? Shouldn’t there be a concerted effort to minimize installs and resist the proliferation of background processes on client machines? Unfortunately, we all know that the defense strategy needs to be far more robust and go far beyond these examples.
There are a number of publications that cover best practices, vendor tools and capabilities in the area of Cyber Security. However, at the heart of this problem is the need for humans to evolve at the fastest pace possible, to sense and defend against virtual threats, a sense that is very different from dealing with physical threats. Ignorance is no longer bliss and negligence has a heavy price tag. We live in times when trust in humans is seen as a vulnerability and weakness by the bad guys.
Should the next wave of threat detection software be about tracking changes in user behavior, in other words, browsing and social media habits? Let’s be honest, we’re currently relying on users’ endorsements of, or pledges of allegiance to, the bad elements to be able to flag and track them down. And we know this doesn’t cut it for Cyber Security or National Security. Should Ad Revenue and Predictive Analytics software be repurposed to guess what Inadvertent Actors are likely to click to draw trouble? How do you repurpose IBM Watson and the like to start playing a new game with potential hackers to stay one-up and learn their next move? Some vendors claim to have the capability, but buyers aren’t convinced yet.
Rather than engage in more questions, here is a quick start towards a solution. Imagine a defense mechanism inspired by a living conch shell – impenetrable but not impermeable, with a gooey middle. The spiral structure of a conch ensures the structural integrity and limited accessibility of the shell’s bottom half. Translate that into:
1. Proactive threat detection software, as opposed to standard virus scan software. Threat sensors meet and flag higher and more diverse usage patterns.
2. Hyperaware staff who peer-review behavior and share data on evolving threats.
3. Data abstraction architecture that morphs constantly to keep intruders from guessing data layout patterns.
While there needs to be a reinforced outer layer of IT security with standard tools, training and audits, what constitutes the inside (privileged data) security layer has become even more critical to the business. How organizations devise methods, predictive tools and processes to govern insider threats will be a significant investment and a differentiator for many businesses. At the least, a cultural shift is necessary to start sensing insider threats and to spread awareness about growing risks.
Organizations can claim that the choice of every employee was deliberate. However, they simply cannot claim there was a choice in the impending threat that an employee posed. There is now a need in the industry for version 2.0 of HP’s famous Flight Risk program that predicts employee behavior. Employee retention will continue to be important, but predicting a possible threat from every employee matters even more. At the most basic level, CIOs and CISOs could devise a simple test for prospective employees that gauges whether he or she poses a cyber threat to the business. And perhaps targeted training even before hiring would be in order. As controversial as this may sound, the potential damage from an insider – when compared to someone with bad credit – may be far greater than anyone realizes.
Insider threats are an elusive and poorly understood risk to business. The classic organizational trifecta of people, process and technology will need to rapidly transform to deal with this threat. The good news is that firms can repurpose a number of capabilities, like predictive analytics and gaming tools. The better news is that humans have shown that they can quickly evolve and prevail. The ability to witness the next wave of tools and capabilities to meet the challenge sounds very exciting!
