On September 8, NetSPI Managing Director Nabil Hannan was featured in Security Magazine’s article on National Insider Threat Awareness Month 2022. Read the preview below or view it online.


September is National Insider Threat Awareness Month, which emphasizes the importance of safeguarding enterprise security, national security and more by detecting, deterring and mitigating insider risk.

The risks of espionage, violence, unauthorized disclosure and unknowing insider threat actions are higher than ever; therefore, maintaining effective insider threat programs is critical to reducing security risks and increasing operational resilience.

National Insider Threat Awareness Month is an opportunity for enterprise security, national security and all security leaders to reflect on the risks posed by insider threats and ensure that an insider threat prevention program is in place and updated continuously to reflect the evolving threat landscape.

Below, in honor of National Insider Threat Awareness Month, security leaders offer advice on how to reduce insider threat risks effectively.

Nabil Hannan, Managing Director, NetSPI:

To account for internal threats, there must be a mindset shift in what constitutes an organization’s threat landscape. Most companies focus exclusively on external threats and view their own people as trustworthy. As a result, insider threats are often under-addressed cybersecurity threats within organizations. We learned with SolarWinds that detecting such a threat is vastly different from traditional pen testing, code review or other vulnerability detection techniques. 

Security teams need to move from only looking for vulnerabilities to also looking for suspicious or malicious code. With a vulnerability, the threat actor interacts with the attack surface in a way that exploits a weakness. With malicious code, the threat actor is either choosing or creating the attack surface and functionality because they have control over the system internally. 

So, instead of the threat actor exploiting vulnerabilities in the attack surface, now the threat actor creates the attack surface and exercises the functionality that they implement. Failing to implement threat modeling that studies potential threats to both vulnerabilities and malicious code can set your organization up with a false sense of security.
