When you detect an insider threat, what steps should your IT team take to protect the business? (E.g. an employee downloading confidential data via email or uploading it to their personal cloud storage). Do you report the incident to HR with the evidence? Do you call the police to report the incident?

Director of Marketing in Software, 3 years ago
Solutions providing automated hardening upon suspicious activities could be extremely helpful here.
Senior Director, Technology Solutions and Analytics in Telecommunication, 3 years ago

Thank you. Are there any providers that you would recommend?

Director of Information Security in Energy and Utilities, 3 years ago
It's an interesting question. Technically speaking, you need to report it both to HR and Legal, but doing so kicks off a fairly complex process with legal requirements for confidentiality etc. It's best to first conclusively determine whether the behavior you are observing is actually malicious or a person simply doing some stuff to make their life easier (shadow IT services). The majority of cases I have seen where you think there's a malicious insider turned out, on a deeper look, to be people frustrated with internal restrictions/lack of proper tools/software to make their jobs easier. Once you have dug as deep as you can internally in IT and confidence is medium or higher that what you are observing is malicious, then yes, go ahead and file it with both HR and legal teams and provide all relevant context of your investigation. If you trigger this step earlier, they will come back and ask you to do a deep investigation first anyway, so you are simply saving this step automatically and doing it up-front.