In our last post, we talked about what insider threats are and why it is so important to consider them as you construct your data security policies. The heart of an effective strategy to minimize risks from insider threats is the concept of access controls – limiting users’ privileges to the minimum necessary – but access controls alone are not enough.
While the primary data security objective has long been to keep malicious actors out, it is important not to overlook insider threats. According to the IBM Cyber Security Intelligence Index, in 2014, more attacks originated as a result of insiders than outsiders. Moreover, the major cybersecurity enforcement action taken by the Securities and Exchange Commission (SEC) last year involved an insider.