Collective Intelligence Podcast, Eric Lackey on Mitigating the Insider Threat
By Mike Mimoso
Insiders are privileged, and operate inside the perimeter and behind the firewall. Yet defenders exhaust resources and concentrate investments and policy enforcement around external actors and threats.
Insider threats are still not on par with external attacks such as ransomware and zero days despite the potential for insiders to abuse their access and steal the most coveted of internal secrets such as intellectual property.
In this episode of the Collective Intelligence Podcast, Flashpoint Principal Advisor Eric Lackey discusses his extensive experience researching insider threats and incidents involving the most privileged of employees, as well as his journey helping organizations of all sizes develop and implement insider threat programs.
Throughout this discussion, Lackey explains the myriad ways insiders can go rogue, whether they’ve become disgruntled with work circumstances, or personal pitfalls that could cause them to steal company secrets or advertise their access within an illicit community. There are also criminal and nation-state elements that attempt to recruit insiders for nefarious purposes.
Lackey also explains some of the mistakes defenders make in mitigating insider threats, whether it’s defending against them in the same manner as they would against external threats, or choosing to exclusively throw technology at the problem without consideration for the people side of the problem.
Finally, Lackey discusses the technology available to defenders that helps them correlate illicit activity or preserve forensic evidence in the event a case ends up in litigation. Lackey also shares his experiences developing and implementing insider threat programs.
The Collective Intelligence Podcast, presented by Flashpoint and hosted by Editorial Director Mike Mimoso, features regular interviews with a diverse set of industry experts and Flashpoint analysts on the latest information security news and industry trends.