With Highly Secure Data Protection, Often the Greatest Threats are Already Inside

By Chad Cox

Production Editor

Embedded Computing Design

August 28, 2023

Blog

In 2019, the United States National Counterintelligence and Security Center (NCSC) and the National Insider Threat Task Force (NITTF) named September National Insider Threat Awareness Month (NITAM). The annual event is built to educate government officials, private organizations, and the public on the critical risk insider threats pose to data streams and educate the groups on mitigation techniques.

“Insider threats lurk within the very heart of organizations, disguised as trusted employees, partners, or collaborators,” said Carl D'Halluin, CTO, Datadobi, an unstructured data management company. “These individuals, armed with access privileges, possess the potential to wreak havoc that is often unseen until it's too late. Their actions can shatter the security foundation of a company, leading to catastrophic data breaches.”

The 2023 NITAM is focused on the theme of "bystander engagement." According to the official NITAM website, an engaged bystander is an individual who is aware of concerning behaviors and knows how to act on those concerns.

Steve Santamaria, CEO of datastorage company Folio Photonics believes, “In a world where data fuels progress, the importance of NITAM cannot be overstated. The campaign… highlights the stark reality that employees, strategic partners, and other insiders with authorized access can inadvertently or intentionally inflict significant damage. This threat transcends industries, affecting both government entities and private businesses, as trust and access intersect in today's interconnected digital landscape.”

The NITAM website offers many resources to learn more about insider threats including shorts, videos, and games. The video “Nevernight,” published by the FBI and NCSC, was developed based on the case of former CIA operative Kevin Mallory, who in 2017 became a victim of an online security breach leading him to transmit top secret documents to the Chinese Ministry of State Security.

In an online game escape the room type game, hosted on the NITAM site, you play as Earl Lee Indicator, and it is your mission to use your resiliency to keep abating incoming attacks until you reach the “Mitigation Zone.”

“First held in 2019, NITAM is an annual campaign… that reminds us that mitigating insider threats demands a comprehensive strategy encompassing diverse countermeasures,” said D'Halluin. “This can entail the enforcement of stringent access controls, leveraging user behavior analytics, and the implementation of data loss prevention solutions, as well as vigilant user activity monitoring, and the fostering of anonymous whistleblower reporting mechanisms. However, to truly take insider threat mitigation to the next level, a solution that empowers organizations to assess, organize, and take action on their data is pivotal.”

Chad Cox. Production Editor, Embedded Computing Design, has responsibilities that include handling the news cycle, newsletters, social media, and advertising. Chad graduated from the University of Cincinnati with a B.A. in Cultural and Analytical Literature.

More from Chad