Once employees began working remotely, the insider threat moved outside of the network and into homes. Most insider attacks are unintentional, however, CISOs must prepare for and respond quickly to sabotage. CISOs should aspire to have full visibility and control of who in the organization handles sensitive data like financial information and customer records. By doing so, insider risk is somewhat mitigated. CISOs must also ensure the entire workforce is cyber resilient. It’s not enough for employees to know phishing attacks are a threat; they must also know how to defend against them.
CISO Street recently moderated a virtual CISO panel and asked panelists about their perspectives on current cyber trends and challenges. In this video, Jason Lewkowicz, Global CISO for Cognizant, Mike Raeder, Deputy CISO and Director of Information Security for Northrop Grumman, and Jonathan Kimmitt, CISO for the University of Tulsa, share their top insider risks and mitigation strategies.