As Vasu Jakkal recently shared, we are operating in the most sophisticated threat landscape ever seen, and coupled with the next great disruption–hybrid work–security is more challenging than ever. Protecting from external menaces is simply one part of the challenge, though. You likewise must protect from the inside out–another facet of “assume breach” in your Zero Trust approach. Insider dangers is likely to be malicious or inadvertent, but all impact your most important asset: your data.
As our recent Work Trend Index demonstrated, people are collaborating, chatting, emailing, and sharing in new ways and greater volume than ever before. Between February 2020 and February 2021, the time spent in Microsoft Teams sessions more than doubled( 2.5 periods) globally, the average Teams user is sending 45 percent more converses per week, the number of emails delivered to commercial and education clients is up by 40.6 billion, and we’ve seen a 66 percent increase in the number of people “workin on” documents.
That same report likewise found that people are burned out. One in five world survey respondents say their employer doesn’t care about their work-life balance, with 54 percent feeling overworked and 39 percent feeling wearied. And there was still trillions of productivity signals from Microsoft 365 quantifying the precise digital exhaustion employees are feeling.
Not merely does this create challenges for productivity and involvement, but it also creates risk for the organization. A recent study out of CyLab, Carnegie Mellon University’s Security and Privacy Institute–conducted with support from Microsoft–found that of the organizations who participated in the research study, 69 percent had more than 5 malicious, high-concern insider incidents in 2020, 44 percent had more than 10 incidents, and 11 percentage had more than 100 incidents, such as financial fraud, sabotage, data theft, or workplace violence. The report also depicted a direct correlation between the stressors impacting employees and an increase in insider risk incidents. A positive corporate culture, in which employees are engaged, rewarded, and supported, can decrease both malicious and inadvertent insider dangers, such as data loss, data theft, insider trading, and others.
“A well-balanced insider risk program can become known as an advocate for employee wellbeing and a means for a more productive, involved, connected, and perpetrated workforce .”– Carnegie Mellon University
What can you do to mitigate risk in your organization?
Listen to and empower your people: As the Work Trend Index research shows, the pandemic has taken its toll on the workforce in ways never before imagined. Stressful events can lead to people feeling overwhelmed or burned out, which may lead to an increase in risk for the organization. To reduce this risk and support the wellbeing of your people, it’s important that you create channels and mechanisms to listen to their concerns, giving you an opportunity to get feedback and helping them prioritize. Most importantly, ensure your people know they are valued by the organization and that they play a critical role in keeping you and your critical data safe and secure. Embracing collaboration: Insider risk management programs often focus exclusively on implementing tools and technological sciences without incorporating the necessary organizational, risk management, and cultural considerations. Technology plays a major role, but it is just one component of an effective program. Addressing insider risk effectively requires a collaborative approach across business leaders, HR, legal, and security. It also requires education and engagement with all people in the organization. Take a holistic approach: Recognizing insider hazards can be complex, and it often feels like trying to find a needle in a haystack. In working with customers, we’ve found that taking a holistic, purpose-built approach that can pull signals together into a cohesive panorama across your organization gives you a better understanding of the relevant trends in your organization and better risk reduction. In fact, we took this approach ourselves to ensure that it’s easy to get started, yet configurable to meet your wide variety of needs. In addition to the rich define of capabilities we announced at Ignite, we recently added new abilities, including the user activity report and activity explorer, to our insider risk management solution to expand the analytics and reporting to ensure you have the broadest view of insider risks in your organization.
To learn more about Microsoft Security answers, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Likewise, follow us at @MSFTSecurity for the latest news and updates on cybersecurity.
The post How a positive hybrid run culture can help you to mitigate insider risk appeared first on Microsoft Security .
Read more: microsoft.com