BTW September is National Insider Threat Awareness month. SMEs that train the Insider Threat tell us that we should begin by performing a companywide risk assessment that focuses on the people that come in contact with our data. We just did a NIST 108 control review using their v1.1 guideline in the last 16 hours over the weekend for a local organization. In the assessment, we find that many organizations send their data on purpose to the cloud (a data server) and they do not know where that is (geographically). As we continue, many times the accounting, intellectual property, and customer data is outside the borders of our country and the business does not maintain a local copy in the US. So, in their Business Continuity Plan (BCP) and Disaster Recovery Plan (DRP), their business is dependent that these countries get along with the US. In the era of international friction and trade wars, that might not be the best plan. The other issue is that in some of these nations, the country’s government actively pursues to take US data. So, if your data is in their country, you can almost guarantee that it has been compromised locally. So, what should we do this month? Start with the NIST assessment and concentrate on the Insider Threat. Those are the people, technicians, and companies that come into contact with your data. After 2 days of identifying vulnerabilities, you can list all of them from high, to medium, to low impact on your business. Then start addressing them. After 90 days, you will be in better shape. If it is your first experience with NIST, do not worry, because slowly and surely, like with the DoD CMMC program, the NIST CSF will become the national standard for cybersecurity.
SMEs from the Ponemon Institute to the major cyber majority watch groups that the root cause of a data breach is from the Insider Threat. The inside threat to your data is those non-compliant employees, technicians, and third party vendors that you have agreed to letting them have access to your daily regularly. ISO and NIST certified TechR2 products and services expertly combat the Insider Threat.