Platform

Unify HRM Overview

Platform

Capabilities

Identify: Human Risk Operations Center (HROC)
Dashboards

Power Insights

Benchmarks

Protect: Action Plans
Nudges: Communications & Employee Scorecards

Training: Risk Based SAT and Phishing

Orchestration: Policy Playbooks

Report: Human Risk Index (HRI)
Employee Scorecards

Manager Reporting

Board and Executive Reporting

Bundles

Unify Go
Start your journey to HRM here.

Monitor risk by:

Security Training Compliance

Phishing and Email

Unify Enterprise
Covers risk in Unify Go and adds:

Malware & Ransomware

Data Loss

Account Takeover

Featured Resources

Living Security Blog
What is Attack Surface Management?
link

Living Security Blog
Why Your Team Should Have A Business Continuity Plan
link
Solutions

Solutions Overview

Solutions

By Role

CISO
Provides CISO’s, executives, and boards a complete picture and prioritization of workforce risk by type, department, location, and more.
link

Security Awareness Team
Go beyond training completion and phishing click rates and proactively safeguard your organization from human-induced security incidents.
link

GRC
Identify, resolve and track commonly violated policies with granular accuracy to lower risk and improve workforce compliance.
link

SOC/IR
Unleash the true potential of your human firewall with data-driven insights and action plans that curb threats before they become incidents.
link

By Risk

Training Compliance
Monitor training compliance status for users and segments across the enterprise.
link

Phishing & Email
Identify the users most and least at risk to social engineering attacks and protect them.
link

Malware & Ransomware
Proactively protect users from malware including viruses, worms, Trojan viruses, spyware, adware, and ransomware.
link

Data Loss
Pinpoint when data is at risk of leaving your controlled environment through unauthorized access or malicious intent.
link

Identity Threats
Get visibility into the most susceptible users for account compromise and mitigate their risk.
link
Products

Products

Products Overview
Transform how your organization approaches Security Awareness and Training by shifting to a proactive HRM approach that creates a strong culture of security.

Living Security Blog
What is Attack Surface Management?
link

Unify Human Risk Management
Establish a proactive security loop.
Security Awareness Training
Interactive compliance training for modern threats.
CyberEscape Rooms
Put your team in the center of security scenarios
Cybersecurity Awareness Month
Create a cyber vigilant workforce in October
Cybersecurity Engagement Training Go beyond compliance training Phishing
Stop social engineering attacks in their tracks with realistic simulations and training
across phishing, vishing, smishing, and more.
HRM

HRM

Human Risk Management: Proactive Security
Human Risk Management (HRM) is the process of identifying, assessing, and mitigating risks associated with human behavior in relation to an employee's use of technology.
HRM Maturity Model
How far is your company along the path to true proactive security?

Living Security Blog
What is Attack Surface Management?
link
Resources

Resources

Resources
Level up on Human Risk Management with a comprehensive collection of webcasts, whitepapers, ebooks, and more.
Blog
Access hundreds of informative blogs with deep dives and best practices relating to the full array of cybersecurity risks we face.
Webinars
Watch dozens of webinars tackling some of cybersecurity’s biggest challenges featuring thought leaders from leading organizations.
Case Studies
See how a variety of organizations utilize Living Security’s HRM Platform, Training, and Phishing to reduce risk with proactive defense.

Partners
Human Risk Management Powered by Partners.
Technology Alliance Program
Extend the value of your offering with HRM.
Partner Support
Unlock your potential with our partner hub.

Living Security Community Share HRM best practices Newsroom Read the latest news on Living Security. Support
The more you know, the more you grow.
Why Living Security
Establish a proactive security loop.
Start Now

March 25, 2021

Empower Your Enterprise to Recognize Insider Security Threats

Cybersecurity and IT teams spend a great deal of time building digital defenses against outside threats. From anticipating targeted infrastructure attacks to educating your employees on phishing schemes, security leads everywhere focus heavily on external threats.

Don’t get us wrong— we know you need to watch out for outside threats. But what you can’t do is spend so much time worrying about external threats that you forget about insider threats.

Insider threats are employees or partners who misuse their authorized access and pose a security risk from within your organization.

While there are measures CISOs and security managers can take to prevent and detect insider threats, it’s not a job you should (or really can) do alone. There’s no antivirus scanner that detects insider threats or an algorithm to rate how likely a team member is to steal your data!

Luckily, your entire organization can also look out for and report insider threats— if you enable them.

Let’s look at how to recognize insider threats to pass off these tips to your team:

Know Who’s a Threat

While technically anyone within your organization could pose as an insider threat, certain users fit the bill more than others.

High-permission users. Who has access to the juiciest data? High-value, sensitive, proprietary data could be shared with competitors or interest groups for profit by those who have more access than they really need. Even those who do need access may not respect its privacy.

Contractors or temporary workers. Have you hired anyone from outside of your organization for a special project? Without proper screening or restricted permissions, these outsiders could access information they shouldn’t.

Service providers. Is your security team or your company at large working with an agency for training, marketing, SEO, etc.? Outside help is often granted access to internal access and trusted with valuable data.

Partners of service providers. It’s important to note that insider threat actors don’t always have malicious intent. For instance, if a service provider has access to your data and is hacked, the bad actor can vicariously breach your system. While your service provider wasn’t the one who stole your data, it was compromised none-the-less.

New employees. Did someone come on board just to steal your information? While you want to welcome newcomers, they could also be insider threats in disguise intent on getting access to information.

Inappropriately offboarded ex-employees. Someone who previously worked for your corporation may have the motivation to share access or proprietary knowledge for revenge or financial gain.

Look for Warning Signs

With knowledge of these digital and behavioral concerns, you and your team may be able to catch an insider threat before it escalates.

Digital Concerns

Sharing permissions with outsiders, especially if it’s not related to their job or function. If you’re sent a document from a contractor and see a user you don’t recognize with shared access permissions, question it. Who is this mystery user? Enforce restrictions on who can access your databases and individual files.

Making use of unauthorized storage devices. Is an employee using an external hard drive or their desktop to store sensitive files? Your data should always be behind a secure and protected database and written into policy.

Unauthorized storage of logins and passwords. If you use a password management system that encrypts hashes, that’s great. But if team members don’t use it and have lists of logins on a note on their phone, stored in an unsecured Google Doc or a physical notebook, this information could be used for ill-will.

Behavioral Concerns

Attempts to skirt past security. You have your security measures in place for a reason, and if a user keeps defying your policies and making up their own rules, they are someone to look out for.

Shift in attitude. If someone is frequently showing a bad attitude towards work, being aggressive towards coworkers or suddenly seeming apathetic about performance, they may be unhappy with the job. These are the clear warning signs an employee may be getting ready to leave and has motivation to violate security protocol.

Activity off-hours. If an employee or partner is suddenly logging on or interacting with a company database outside of working hours, it’s reason for suspicion. Are they actually working or accessing the information for other reasons?

Establish Policies for Reporting Insider Threats

In order for your employees to help advocate your internal threat detection, they not only need to know what to look out for but also how to react to it.

Should a team member suspect questionable activity or intent from an employee, is there an anonymous way they can report? Consider an online form or an in-office concerns box. You must remember that not all employees will feel comfortable “outing” a fellow employee for fear of retaliation.

It may also be written into new hires contracts that HR has the right to report suspicious employee behavior to IT— say, if an employee is carrying a feud with management— or that individual team managers do the same.

Your whole company should be behind your cybersecurity initiative and vow to report threats as they arise. Create a document with tips from the top of this article in your company’s intranet or as an insert when onboarding new clients to give your team the resources they need to champion insider threat awareness.

Put Your Team’s Insider Threat Knowledge to the Test

While sending an email about your insider threat policy will create awareness around your security, your team may need more tangible training to spot and support your cause.

Teach your team how to spot internal threats by enrolling them in an immersive, engaging security program, engineered by our team at Living Security.

Our interactive video series and real-life examples help give your team a deep sense of what to do when faced with insider threats and empowers them to advocate for better security, right by your side.