This week at the Gartner Security & Risk Management Summit, Chief Information Officer Meerah Rajavel and Chief Scientist Dr. Richard Ford from global cybersecurity leader Forcepoint shared methods for combating insider threats by focusing on understanding human intent. In their joint speech, Rajavel and Ford discussed how approaching security through a human-centric lens will help organizations better understand indicators of normal behavior and help spot anomalous or compromised behavior. This allows enterprises and government agencies to address what Forcepoint calls ‘The Cyber Continuum of Intent,’ a model that categorizes users on a spectrum from accidental to compromised and malicious insiders. A user can move fluidly along this spectrum based on external factors, motivations and intent, such as job satisfaction, training or fatigue.
“Insider threats can arise from any number of scenarios, ranging from simple mistakes to malicious actions,” said Ford. “Regardless, the actions of people – or malware that’s taken the identity of an employee – are at the center of many security incidents. Forcepoint is helping companies understand behaviors and motivations of people, so they are fully enabled to do their jobs, but avoid mistakes that lead to loss of critical business data and IP.”
With this in mind, Rajavel recommended building insider threat programs beginning with people first, then process, and lastly technology. She stressed that one must understand data movement within an organization in addition to user activity to build risk adaptive protection.
“There is no silver bullet in security,” said Rajavel. “We must build programs that have many layers of protection, understanding and taking into consideration international implications for data privacy like GDPR. We must always keep in mind the right balance of safety and privacy as we build data and insider threat protection programs, to ultimately stop the bad and free the good.”