November 12, 2015 By Douglas Bonderud 2 min read

External cyberthreats are on their way up. Just ask Target or the host of other companies that have been victimized by malicious actors. Government agencies aren’t immune: As noted by Wired, more than 5.5 million fingerprint records were recently stolen from federal employees. But according to a new memorandum from the Office of Management and Budget (OMB), the risk of an insider threat is also growing but is often overlooked. How do government CIOs and CISOs get a handle on extracurricular employee activities?

The Risk of an Insider Threat

While it’s easy to point the finger at external actors as the biggest problem in an organization’s cybersecurity plan, employees are often a far greater threat — some by malice, some through frustration and some purely by accident. SC Magazine recently spoke with RSA Chief Security Architect Rashmi Knowles, who argued that “people are the new perimeter” because, despite the growing number of malicious actors and easily accessible malware, “the weakest link in the chain is all of us.”

Data backs up the claim: SC Magazine noted that a Verizon study found that human error played a critical role in 66 percent of all network breaches. The problem? An insider threat is often seen as less serious than its external counterpart since it’s usually accidental or a one-off act committed by recently fired or chastised employees.

In a government setting, however, there’s a much higher likelihood that employees will have access to personal and confidential data, meaning that even an accidental data breach — such as losing a laptop or using a cloud service that isn’t approved by IT admins — could have serious consequences.

The same holds true for recently terminated employees. If IT admins don’t terminate network access quickly enough, the results could be disastrous. CSO Online, reporting on a recent Symantec survey, noted that 45 percent of federal departments were targeted by insider threats over the past year, with 29 percent losing data as a result.

Law of the Land?

Government agencies are waking up to the prospect of insider threats. The Symantec survey found that 76 percent of respondents have increased their focus on combating these threats over the last year and 55 percent already have a formal insider threat program in place. As noted by The Hill, legislation is also in the works to limit the risk of insider attacks. Homeland Security already has a new mandate from the House “to establish a program to identify and mitigate insider threats from rogue employees.”

The OMB’s plan, meanwhile, focuses on a combination of stronger identity and access management (IAM) through the use of personal identity verification cards along with improved employee training. Ken Durbin, the unified security practice manager for Symantec, noted that “training is most effective to better understand and prevent unintentional threat risks.”

CIOs and CISOs of government agencies now face a dual threat: external actors looking to steal agency data and internal personnel accidentally or deliberately exposing the department to greater cyber risk. A combination of legislation, authentication and training may help mitigate the problem, but there’s a higher-level takeaway here: Threats are threats regardless of origin or intention. Government security frameworks must be prepared to take on all comers.

More from

Cybersecurity dominates concerns among the C-suite, small businesses and the nation

4 min read - Once relegated to the fringes of business operations, cybersecurity has evolved into a front-and-center concern for organizations worldwide. What was once considered a technical issue managed by IT departments has become a boardroom topic of utmost importance. With the rise of sophisticated cyberattacks, the growing use of generative AI by threat actors and massive data breach costs, it is no longer a question of whether cybersecurity matters but how deeply it affects every facet of modern operations.The 2024 Allianz Risk…

Autonomous security for cloud in AWS: Harnessing the power of AI for a secure future

3 min read - As the digital world evolves, businesses increasingly rely on cloud solutions to store data, run operations and manage applications. However, with this growth comes the challenge of ensuring that cloud environments remain secure and compliant with ever-changing regulations. This is where the idea of autonomous security for cloud (ASC) comes into play.Security and compliance aren't just technical buzzwords; they are crucial for businesses of all sizes. With data breaches and cyber threats on the rise, having systems that ensure your…

Adversarial advantage: Using nation-state threat analysis to strengthen U.S. cybersecurity

4 min read - Nation-state adversaries are changing their approach, pivoting from data destruction to prioritizing stealth and espionage. According to the Microsoft 2023 Digital Defense Report, "nation-state attackers are increasing their investments and launching more sophisticated cyberattacks to evade detection and achieve strategic priorities."These actors pose a critical threat to United States infrastructure and protected data, and compromising either resource could put citizens at risk.Thankfully, there's an upside to these malicious efforts: information. By analyzing nation-state tactics, government agencies and private enterprises are…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today