CISA releases tool to help orgs fend off insider threat risks

The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new tool that allows public and private sector organizations to assess their vulnerability to insider threats and devise their own defense plans against such risks.

The Insider Risk Mitigation Self-Assessment Tool helps orgs determine their risk posture by answering a series of questions about the requirements needed to set up an insider risk program management, the levels of insider risk awareness and training among employees, and the organization’s insider risk environment.

This tool also makes it easier to understand the nature of insider threats to expedite the process of creating a prevention and mitigation program.

“While security efforts often focus on external threats, often the biggest threat can be found inside the organization,” said David Mussington, CISA’s Executive Assistant Director for Infrastructure Security.

“CISA urges all our partners, especially small and medium businesses who may have limited resources, to use this new tool to develop a plan to guard against insider threats. Taking some small steps today can make a big difference in preventing or mitigating the consequences of an insider threat in the future.”

#InsiderThreats can be #cyber or physical. Do you have a plan to handle an insider threat? If you don’t, our Insider Threat Self-Assessment Tool will help gauge your vulnerability to an insider threat incident: https://t.co/fWSosDueFt #InfrastructureResilience #InfoSec pic.twitter.com/gob4hxAP27

— CISA Infrastructure Security (@CISAInfraSec) September 28, 2021

Insider threat risks, which can be malicious or accidental, can have a significant impact considering the level of damages they can inflict on an organization if not detected and blocked in due time.

Typically, insider threats are a current or former employee, a third-party contractor, or a business partner who has (or had) access to an organization’s network and/or data and uses that access for malicious purposes (unwittingly or not).

“Consequences can include compromised sensitive information, damaged organizational reputation, lost revenue, stolen intellectual property, reduced market share, and even physical harm to people,” CISA added.

Further info and tools to mitigate insider threat risks can be found on CISA’s infrastructure security website.

In June, the federal agency also released a ransomware self-assessment security audit tool which helps orgs assess how well they are equipped to defend against and recover from ransomware attacks targeting their information technology (IT), operational technology (OT), or industrial control system (ICS) assets.