Which tools, controls and processes do you use for guarding against your next cyber attack or data breach?
We like to think about the way the Fantastic Four would deal with an attack. What if you could change into The Invisible Woman and generate force fields around your sensitive databases and file servers like Sue Storm? Or turn yourself into The Human Torch like Johnny Storm, then fly around your network and smack bad actors in the back of the head with fireballs? Nothing wrong with wanting a few superheroes on your side.
But maybe your IT team prefers a more practical approach.
In my first post I described Dr. Doom – the insider threats to your network security – and last time I wrote about Reed Richards – your threat detection strategy. Johnny and Sue Storm represent the tools, controls and processes you put in place to enforce your strategy.
Because of the very nature of an insider attack, most of us in IT have figured out that it takes a lot more than software and hardware to prevent one. What do you have to do to avoid an inside job, whether it’s accidental or malicious? You can’t keep an eye on all your co-workers, so you have to figure out how to get them to keep an eye on themselves.
In the 2015 Insider Threat Spotlight Report co-sponsored by Quest, you’ll find five pages covering the ways that more than 500 of your counterparts approach insider attacks. The report draws from a wide variety of industries and company sizes. We’d like you to download and read the entire report, so we don’t want to give away too much. Still, in the section “Security Tools and Processes” (page 21), look for the page on the biggest barriers to better insider threat management:
As I mentioned above, technology comes below that. When that many IT professionals think that better policies and training are more effective tools than software in protecting against insider attacks, that’s a sign that even Johnny and Sue Storm can’t save you from every insider threat.
Much as we’d like them to.
We co-sponsored the 2015 Insider Threat Spotlight Report so you could see how your organization’s approach to tools and processes fits in with everyone else’s. Read the entire report – it’s a pretty quick read – to validate your existing ideas about dealing with insider attacks and to start a few new ideas incubating. Look for my final post in this series, on recovery and remediation.