TechTarget: 6 ways to prevent insider threats every CISO should know

Chief information security officers, or CISOs, around the world have come to learn from the SolarWinds manual supply chain attack that insider threats are a real issue, one that must be prioritized in 2021. The breach also brings to light an underdiscussed application security challenge: developers writing malicious code that can later be exploited.

The frequency and financial impacts of insider threats have grown dramatically in the past two years. In a recent Ponemon Institute report, the overall average cost of insider threats per incident increased by 31% from $8.76 million in 2018 to $11.45 million in 2020. In addition, the number of incidents has increased by a staggering 47% in just two years, from 3,200 in 2018 to 4,716 in 2020.

Building off the lessons learned from the SolarWinds breach, here are six steps CISOs can take to prevent insider threats.

1. Change your mindset around your threat landscape

2. Employ threat modeling

3. Map out potential insider threat exposure

4. Enact a proactive and ongoing insider threat detection governance program

5. Define risk scenarios and escalation steps

6. Push for holistic solutions for long-term protection