The danger posed by insider threats has been the topic of headlines ever since notorious former defense contractor Edward Snowden leaked millions of classified documents, spurring private and public organizations alike to begin implementing insider threat prevention programs.
Despite a concerted effort to minimize insider threats, however, nearly half of federal agencies were targets of insider threats in the past year, according to a recent report by MeriTalk is a public-private partnership focused on improving the outcomes of government IT.
MeriTalk’s report, Inside Job: The Federal Insider Threat Report, underwritten by Symantec, is based on an online survey of 150 Federal IT managers familiar with their agency’s cybersecurity efforts in July and August 2015. The report examines what insider threats agencies currently face, the strengths and weaknesses of insider threat programs, and provides recommendations for change.
The survey revealed nearly one in three federal agencies report losing data in the past 12 months to an insider incident. Nearly 40 percent of these incidents are the result of employees who unintentionally expose information or systems to risk.
While the vast majority of federal agencies are more focused on combating insider threats today than they were one year ago, many continue to overlook basic security measures.
For example, just 39 percent offer employees annual in-person security training and fewer than half employ two-factor authentication or endpoint encryption agency wide. Moreover, more than 40 percent of agencies cannot tell the moment a document has been shared or how.
“There’s no shortage of news stories underscoring the risks of government data breaches, particularly those perpetrated by insiders, whether malicious or unintentional. Agencies must take a holistic approach when implementing formal insider threat programs to battle this risk head-on,” said Rob Potter, vice president, public sector, Symantec. “Investments in the right technology, as well as employee training and education, are critical.”
Moving forward, the survey respondents indicate that government-wide efforts will be pivotal to combatting insider threats. Seventy-seven percent say that Presidential Cross-Agency Priority (CAP) goals will aid efforts to combat insider threats across agencies. Agencies’ top CAP goals include enhancing security culture (47 percent), developing an insider threat prevention program (38 percent), and sharing adverse information (35 percent).
Although there is no silver bullet to mitigate the insider threat, the respondents believe education and training, security technology, and additional controls/guidance as vital elements in preventing insider threat activity.
“This isn’t just about Snowden,” said Steve O’Keeffe, founder, MeriTalk. “If you Google how to make a nuclear bomb – and don’t do it from your PC – you’ll see the dangers of exfiltration. Training can help – but we need security systems that are smarter by design.”