Categories

Editor's Choice
Tech Jobs Network
News & Events
Access Control & Identity Management
AI & Data Analytics
Asset Management
Associations
Conferences & Events
Facilities & Building Management
Fire & Safety
Information Security
Infrastructure
Integrated Solutions
IoT & Automation
Perimeter Security, Alarms & Intruder Detection
Power Management
Products & Solutions
Security Services & Risk Management
Smart Home Automation 
Surveillance
Training & Education
Videos
Security by Industry Sector ▾








Print this page printer friendly version

Managing the insider risk is extremely complicated

Residential Security Handbook 2022: SMART Living Information Security, Residential Estate (Industry)

By John Mc Loughlin, CEO, J2 Software.


John Mc Loughlin.

The risk from malicious insiders has long been a priority for CISOs and has now become a top priority for other executives and board members. Employees require access to sensitive information, but heavy-handed approaches using complicated and static rules can frustrate users. This hampers productivity and leads users to search for workarounds that can also put data at risk.

Employees, contractors and partners understandably have concerns about what activity is monitored. They have questions about what data may be in scope or out of scope. More importantly, users may wonder how these monitoring systems may be biased against them and intrude on their personal privacy.

There’s one consistent and prevalent security gap in every digital enterprise in the world. Regardless of the industry, whether it’s financial, healthcare, residential or logistics, the common denominator remains the same: the human element.

A complicated task

Addressing the insider risk is extremely complicated. A recent DTEX report compares two distinct approaches: Insider Risk Management and Insider Threat Surveillance. The approaches share common goals of preventing data loss, detecting insider threats, accelerating incident response and maintaining compliance.

Insider Risk Management (IRM) views the employee as a source of intelligence rather than a subject of surveillance. It effectively flips a model of invasive monitoring to one that anonymises user intelligence and collects only the minimum amount of metadata necessary to build a forensic audit trail, with full respect for an employee’s fundamental right to privacy.

File scanning, email, web, messaging application content capture, keystroke logging and screen recording are not necessary for effective security with a metadata collection model. IRM goes beyond compliance requirements, prioritising employee privacy while still enabling worker productivity.

Insider Threat Surveillance (ITS) technologies have not only employed invasive content inspection, keystroke logging and video capture capabilities, but also often collect more data than necessary for their stated purpose. This creates unnecessary employee privacy issues, as well as significant costs associated with excess data storage and processing.

In some countries it may be illegal to monitor employees (or to use evidence from monitoring) to reprimand or dismiss them unless an Acceptable Use Policy has been well communicated to staff. In countries with well-established data protection laws, organisations must provide information about the processing of personal data, including what type of data is collected, who has access to the data, and under what circumstances monitoring may occur.

Best strategy that delivers results

Businesses need to adapt quickly to changing customer requirements and competitive pressure, and this requires an insider risk solution that takes the best strategies from a variety of approaches.

This could include rules from data loss prevention for known bad behaviour, machine learning,and behaviour analytics based on better data to identify malicious intent, and a privacy-first approach to employee monitoring that protects employees and is used in a proportionate manner.

According to Gartner, surveillance of employee activities is not without risk. Organisations commonly monitor internal communications systems (for example, email or collaboration platforms) and investigate suspected policy violations. But expansion of these activities into a more pervasive inspection of the work life of employees can infringe on employee privacy expectations and rights in the workplace.

Gartner says before organisations explore the use of insider threat tools and services, they must consult legal counsel and human resources leaders, and set boundaries on the capture, storage, sharing, analysis and destruction of data regarding employee activities.

Download the Insider Risk Management and Insider Threat Surveillance e-book (www.securitysa.com/*dtex1) to learn more about the tools available and how workforce cyber intelligence and security can help.




Share this article:
Share via emailShare via LinkedInPrint this page


Further reading:

Managed security solutions for organisations of all sizes
Information Security News & Events
Cyber attackers have become significantly more sophisticated and determined, targeting businesses of all sizes. PwC’s Global Digital Trust Insights Survey 2025 Africa and South Africa highlights the urgent need for organisations to implement robust cyber risk mitigation strategies.

Read more...
Data resilience at VeeamON
Technews Publishing SMART Security Solutions Infrastructure Information Security
SMART Security Solutions attended the VeeamON Tour in Johannesburg in August to learn more about data resilience and Veeam’s initiatives to enhance data protection, both on-site and in the cloud.

Read more...
Troye exposes the Entra ID backup blind spot
Information Security Infrastructure
If you trust Microsoft to protect your identity, think again. Many organisations naively believe that Microsoft’s shared responsibility model covers Microsoft Entra?ID – formerly Azure AD – but it does not.

Read more...
Secure data protection without hardware lock-in
Infrastructure Information Security News & Events
New Veeam Software Appliance empowers IT teams to achieve instant protection with Veeam’s fully preconfigured, software-only appliance, delivering enterprise-ready simplified deployment and operational efficiency, robust cyber resilience.

Read more...
Check Point launches open, vendor-neutral MDR services
Information Security News & Events Products & Solutions
New Check Point MDR 360° and MXDR 360° offerings deliver 24/7 managed continuous threat monitoring protection across endpoints, cloud and network environments with built-in identity threat detection and 160+ integrations across hybrid, multi-vendor environments.

Read more...
Credential theft surges in South Africa
NEC XON Information Security
NEC XON issues a critical cybersecurity warning about the dual threat of massive credential theft and AI-powered cyberattacks sweeping across the region, with an increasing number of incidents and evolving threat tactics.

Read more...
Want effective Attack Surface Management? Think like an attacker.
Information Security
Effective ASM requires companies to think like attackers, anticipate risks, and act decisively to reduce exposure by knowing their environment, deploying a structured approach, leveraging capable tools, and addressing both internal and external risks.

Read more...
The growing role of hybrid backup
Infrastructure Information Security
As Africa’s digital economy rapidly grows, businesses across the continent are facing the challenge of securing data in an environment characterised by evolving cyberthreats, unreliable connectivity and diverse regulatory frameworks.

Read more...
POPIA non-compliance puts municipalities at risk
Information Security Government and Parastatal (Industry)
Digital responsibility must go beyond POPIA compliance to recognising that privacy and service delivery are fundamentally linked. Despite this, only 51 out of 257 municipalities submitted their mandatory data protection and access to information reports in 2024.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...











SMART Security Business Directory


While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.

Published by Technews

»  Dataweek Electronics & Communications Technology
»  Electronics Buyers' Guide (EBG)

»  SMART Security Solutions
»  SMART Security Business Directory

»  Motion Control in Southern Africa
»  Motion Control Buyers' Guide (MCBG)

»  South African Instrumentation & Control
»  South African Instrumentation & Control Buyers' Guide (IBG)



© Technews Publishing (Pty) Ltd. | All Rights Reserved.