WHY TECHNOLOGY ON ITS OWN CAN'T SOLVE THE PROBLEM OF DETECTING AND PREVENTING INSIDER THREATS
The information security risks posed by insiders are a threat to all organizations across industry sectors and disciplines. Through access to information systems afforded by their status, insiders can cause a loss of intellectual property with damaging effects even greater than those of a large external cybersecurity breach of personally identifiable information (PII).
Understanding an organization’s critical value data is a prerequisite to defeating insider threats. Organizations need to know what critical value data they hold, where it is, who can access it, and what it’s worth.
Many solutions focus on a single technology that purports to provide the key to ferreting out insider threats. However, cybersecurity in general is not just a technology problem; it is a business problem.
This paper will argue that only a holistic security program, comprising technical and non-technical elements, can successfully deal with insider threats.