What do you believe is the main cause for insider attacks?

Security & GRCGovernance, Risk & Compliance

Lack of employee training/awareness37%

Insufficient data protection strategies or solutions38%

Data increasingly leaving the network perimeter via mobile devices and web access15%

Increasing number of devices with access to sensitive data8%

Other

654 PARTICIPANTS
5.3k viewscircle icon1 Upvotecircle icon2 Comments
Sort by:
Director of Cyber Engineering in Healthcare and Biotech2 years ago

While you can make your employees aware of the risks and provide regular training, the biggest step you can take is to implement appropriate processes and tools to address the issue.  For example, you can train a disgruntled employee, but they can still take sensitive information from the company if you have not taken steps to stop it. Additionally, accidents and mistakes happen, and training alone won't address those actions. 

CIO in Telecommunication5 years ago

All of the above. It’s not a single issue but a combination of all of those listed that makes it so difficult.

Lightbulb on4

Content you might like

Is it common practice at your organization for the general counsel’s office to notify authorities when a security incident occurs?

Yes70%

No26%

Other (comment below)3%

View Results

Which tech conference do you intend to attend in person next year or have already participated in this year, and what motivated your choice?

Read More Comments

‘AI’ Business Model – With many components flowing into the AI domain (cost, data, E&C, people, value, strategy, duplication of everything, etc.), I’ve started to think about splitting out ‘AI’ from the operating model and putting it into a separate legal entity. This way, I could manage a) risk and compliance, b) cost, c) resource allocation, d) governance, e) IP, f) revenue generation, etc.

Of course, this isn’t new in general, but I’m especially interested in how this approach could help with the ongoing challenge of ensuring compliance with data privacy and regulations related to LLMs and data access/usage over time.

My question: Is anyone else thinking about this, or has anyone already done it? I know there are examples in the literature, but I wanted to float this here for general comments and discussion.

Read More Comments

Has anyone drafted an SOW for a cloud-based SIEM with setup, migration, and maintenance? I’m working on a FedRAMP-authorized SIEM SOW, migrating from on-prem Splunk, covering data, searches, alerts, dashboards, and models.  Scope includes Environment Setup:  Cloud provisioning, configuration, testing. Connectors/Parsers: Custom data source integration. Content Development: Rules, use cases, threat feeds. Performance Tuning: Query/index optimization. Runbooks: Operational procedures. Also required: 24x7 support, maintenance, lifecycle and application management, role-based training, and documentation.  Must comply with NIST SP 800-53, CJIS, and FedRAMP Moderate+. Goal: Secure, scalable SIEM for rapid deployment. I may be missing elements, so suggestions are welcome. Please share redacted SOWs or tips if possible.