Many companies have taken precautions against cyber-attacks. They range from technology solutions to the use of an outsourced or in-house security operations center (SOC). An SOC is defined asa centralized function within an organization employing people, processes, and technology to continuously monitor and improve an organization’s security posture while preventing, detecting, analyzing, and responding to cyber security incidents. Cyber is defined as relating to or characteristic of the culture of computers, information technology, virtual reality, and artificial intelligence.
The “human factor” has been utilized by governments, competitors, and political influencers since the beginning of time. With today’s technology advancing at light speed, leaders sometimes forget that the human factor must be a part of any complete cyber security approach.
Most companies have physical security that they feel handle the human factor in their security approach. This is antiquated thinking… it is not looking at information as the real prize! You may prevent equipment, product, and documents from being taken.
Insider threats are responsible for fraud, competitive espionage, misusing corporate resources and even workplace violence. Threats are not always based on malicious intent, it can just be simple negligence, complacency, carelessness, or good intentions. Most monitoring technology and SOC’s are based on identifying attacks on technology; some are utilizing AI and user activity monitoring (UAM). Storing backups off-site, using cloud hosted applications, and the destruction of documents are all good precautions, but companies feel that everyday behavior cannot be monitored (i.e., potential civil liberties issues) and must trust that their culture of employee compliance with policy is enough.
There is a synergy between people, process, and technology that results in altered employee stress and how this new intensity and expectations on operations will affect the employees of not just those directly affected by the change, but by those employees that are interconnected to the department that is implementing the change. With any change, there is a potential insider threat to the integrity of the security of the information as well as a company’s infrastructure.
No matter what the industry or level of employee, there will be an impact on process and cognitive actions. Some people will excel at the change in routine; however, others will be unhappy, and/or look at the change, and circumvent security policies in order to make the changes fit their comfort zone. There are still others that will look at the change as an opportunity to commit fraud or even worse, commit corporate sabotage or espionage.
As a way to prevent threats and identify strengths, weaknesses and potential cyber threats to their critical infrastructure, companies conduct exercises, do assessments and employ the use of an SOC. Many companies are beginning to integrate their cyber security efforts with emergency management and physical security programs.
Thinking outside the box with cyber security means adding the human factor to the definition of cyber security. It means looking at data points like:
If you are not sure about how any of the above affect your cyber security readiness, let’s have a discussion!