How to defend your business from insider threat

Insider threats are like tumors in a person’s body. Fortunately for stakeholders, insider threat does not involve uncontrollable factors and can be prevented before they form.

The following steps outline how best to defend your business from such threats.

  1. Identify indicators that reveal insider attacks at work



Review and assess red flags that demonstrate characteristics of external attacks, such as accessing sensitive information that is not related to job duties or downloading large volumes of data to external hard drives.

  1. Think outside the box


Check for external attacks masquerading as  insiders. Criminal hackers can pose as system administrators using standard network and IT administration tools to move within the network and steal data.

  1. Crowdsourcing


Set up a system that enables employees to report potential threats. Reports should be done anonymously to reduce the rate of false positives. Employees will be more responsible in reporting insider threats as they are accountable for the information they turn in.

  1. Implement and insider threat program


Develop and insider threat program that will detect, mitigate and manage insider threats. Collaborate with stakeholders and related departments such as Human Resource and finance.

  1. Control the environment


Ideally, BYOD (Bring Your Own Device) should not be implemented. They can enable insider threats to breach security and slip undetected because they already have access to your network using their device. Employees need to comply with monitoring and strict controls.  

  1. Monitor Data at risk


Check employees who are proposed for dismissal to see what kind of data they have access to and how this data is moved around.

READ: 7 Ways to Protect Your IT Infrastructure from a Data Breach 

  1. Maintain Information governance


Protect critical data assets through a sound information management process that includes identifying what information you have, where you have it, how it is protected, how it is shared, who has access to, how long it is stored and when it should be disposed.

  1. Apply advanced data analytics techniques


Use forensic data analytics tools to objectively analyze tools to objectively analyze behaviors, identify and rank risks, and detect insider threats.

This guest post was first published HERE and submitted by Vlad de Ramos. Vlad has been in the IT industry for more than 22 years with focus on IT Management, Infrastructure Design, and IT Security. He is also a professional business and life coach, a teacher and a change manager. He has been focused on IT security awareness in the Philippines. He is a certified information security professional, a certified ethical hacker and forensics investigator and a certified information systems auditor. Visit his website

Facebook Comments

Samsung’s Galaxy Z Fold6 and Z Flip6 Kenya Launch

TechTrends Media Editorial

We cover Technology and Business trends in Kenya and across Africa. Send tips to

Have anything to add to this article? Leave us a comment below

Back to top button