Insider Threat has been a recognized attack and vulnerability vector for some time. In fact, one survey found that government IT professionals report that insider threats are at an all-time high. One source of this increase may be the rise in the use of mobile devices to access government systems. The main challenge in securing mobile access is ensuring that the person who owns the device is the one actually using it and the apps that reside on it. The portability and ease with which devices are lost and misplaced complicate security authentication efforts. But there are ways to mitigate this risk.
Agencies have looked to multi-factor identification to confirm the person accessing the system is who they say they are. This process includes combining two or more credentials. Typically this is something a person knows (a password), and something they have (an access card or a fingerprint). A practice growing in popularity as part of multi-factor identification is behavioral analytics (BA). This looks at how users typically interact with an application or device analyzing things like browsing habits, message syntax, even how they hold the device. If the behavior is out of the realm of normal, the system can lock that user out until they prove their identity another way.
Implementing these types of identity tracking and management is, of course, not without issue. The Department of Homeland Security is being challenged to put more procedures and policies in place to ensure its insider threat program doesn't violate employees' Fourth Amendment rights (protection against unreasonable searches and seizure).
There are many events in the coming months that include a deep look at insider threat and identity management to help navigate these security challenges.
- Cybersecurity Technical Excellence Event (July 31-August 2, 2019; Denver, CO) - This event is focused on building a more holistic approach to security. This training academy focuses on the policies and software tools needed in an effective modern cybersecurity risk management program. Insider threat protection, user access, and two-factor authentication are key topic areas.
- FCW Summit: Cybersecurity (August 7, 2019; Washington, DC) - Organized by FCW magazine, this event explores the challenges of bolstering cybersecurity and the technologies, policies, and management strategies that agencies can use to attain their security goals. Topic areas include identification and access management, mobile device security, and insider threats.
- New York CyberWeek (September 16-20, 2019; New York, NY) -- CyberWeek is an SXSW-style festival that brings together thousands of the most influential cybersecurity leaders to exchange big ideas and collaborate to solve the most critical cyber challenges. Events are organized throughout the city as part of this event.
- Federal Identity Forum and Exhibition (September 23-26, 2019; Tampa, FL) - This AFCEA event provides an immersive environment where identity professionals from the federal government, private sector, and academia can dedicate three days to strategic planning, information sharing, needs analysis, collaboration, and relationship building.
- Cyber Defense Summit (October 7-10, 2019; Washington, DC) - This event brings together many of the world's leading security experts, frontline heroes, government leaders, and executives from various industries to address the challenges of today's threat landscape. In addition to mainstage sessions, the event will have breakout sessions in three tracks: executive, technical, and solutions (product demos).
- Cyber Security Conference & Expo (November 7, 2019; Washington, DC) - This conference will explore today's cyber threats and offer an opportunity for those supporting government security initiatives to collaborate on how to detect, protect, and respond to these challenges.
Let us know where you're learning about insider threat mitigation. Share your favorite events and resources in the comments.