Understanding risk

The first step towards mitigating internal risk is understanding the full scope of the problem. Mr. Thompson provides detailed insight into the many issues facing businesses today. By introducing the problem of insider fraud and recommending proven solutions, he helps leaders take next steps to prevent and manage fraud. This book is divided into three main sections.

• Problem: The risk of insider fraud is on the rise, but many companies do little to identify the problem, let alone address the risk. Mr. Thompson describes the challenges companies face and lists team members who are critical to supporting ongoing risk management strategies.
• Context: In this section, Thompson looks at the big picture of the dangers posed by insider fraud, and explores the different types of data security breaches, including negligent employees, conscientious opponents, disgruntled employees, and thieves. I'm talking about the portrait.
• Solutions: While there is no one-size-fits-all solution to internal risk, Thompson cites many things companies can do to develop and deploy a comprehensive risk management plan. This includes measures such as education and awareness, continuous monitoring, supervision and compliance.

Why internal risk management matters

Malware is the most common cause of security breaches, but insider fraud is a close second, with negligent employees coming in second. Deliberate internal attacks are also a concern, with employers reporting that 30% of security events in the last 12 months have been committed by employees who deliberately attempt to cause damage.

しかし、より気がかりな事実は、内部関係者が実際にセキュリティを侵害すると、深刻な損害につながるということです。CERT内部脅威センターによれば、従業員による攻撃が成功した場合、外部の脅威と比較して倍の損害を引き起こすということです。企業が外部の脅威にばかり注目していると、外部のハッカーに引き起こされるよりもさらに大きな損害に自らをさらすことになりかねません。

These statistics make it clear that the importance of internal fraud countermeasures is increasing. As it stands, many companies are unprepared to manage insider incidents. Of course, we do not have measures to prevent such incidents from occurring in the first place. By first understanding the threats that exist within your network firewall, you can develop a risk management plan to keep your enterprise safe.

find the solution

There are several stages to successfully preparing an internal risk management solution. The first is creating a plan. First, assess your existing resources and determine how you can use them to educate, monitor, analyze, and investigate any issues in your network. These resources include installed software and employees who can act as an internal risk team.

As insider risk has become a serious threat to enterprises, technology has evolved to accurately predict when the threat is likely to escalate. Certain employee behaviors may indicate that layoffs are imminent and that intellectual property or proprietary information may be exposed. This can put your company at risk. With software that monitors these changes, teams can be alerted and kept on the lookout for risks.

Thompson also details the factors involved in protecting a company from insider fraud. This discussion also includes what professionals can do at the beginning, during, and at the end of employment to mitigate the risk of security breaches. These guidelines are an important first step in protecting your company from the insider threats it faces every day.

Cynthia Gonzalez
Exabeam, Inc. Product Marketing Manager

video on demand

Countermeasures against internal threats in the age of promoting remote work
～Risk visualization realized by Exabeam, a leading company in internal fraud countermeasure solutions～

働き方改革やCOVID-19の先行きが見えない中、リモートワークを推進する企業が増えております。リモートワーカーのリスク管理として内部不正対策が注目されております。このセミナーでは内部不正対策のリーディングカンパーであるExabeamを活用した事例やデモをご紹介させていただきます。

Click here to watch