3 Keys to Boosting Revenues with Insider Threat Expertise

Isaac Kohen

By Isaac Kohen, Founder and CEO, Teramind

While your customers are reacting to insider threats by implementing pre-employment screenings, security education and creating a series of policies to execute in the event of a leak, these are all reactive measures. The opportunity for security firms and advisers is in preventative tools and methods that organizations can use to prevent insider threats from harming the business in the first place. This requires behavioral analysis and an understanding of people, not just new technology.

So how large is this opportunity? According to Bloomberg Government, it is a $1 billion market for public-sector organizations. And with the private sector scrambling to remain in compliance to maintain government contracts, there is no better time than right now to provide a wealth of services to both public and private organizations seeking to insulate themselves from the risk of data breaches.

Channel partners need to understand three core aspects before seizing the opportunity in front of them. These are: What do channel partners know, what do clients need, and where are the information gaps? Said another way, this means continuous topic analysis (security), industry-context analysis, and nudging companies beyond compliance.

Insider Threats: Current Knowledge

As of 2017, insider threats still remain the leading cause of data breaches, according to analysts. The insiders can be either malicious in intent or accidentally cause a breach through negligence. Insiders can be on-site employees, remote workers and high-privilege-access employees. What should be emphasized is that an insider is a person, not only a technical issue. The human factor of security is able to overcome traditional means of information security, such as passwords, firewalls or key cards. Even non-privileged users are able to overcome these hurdles.

As technology was the focus of insider-threat mitigation for a while, many organizations have become very aware of the importance of behavioral analysis and detecting the indicators of a potential insider threat. One can quickly get up to speed by reviewing the Common Sense Guide to Mitigating Insider Threats from CERT. Baselines need to be established so it becomes easier to detect sudden changes in behavior from insiders.

With an understanding of current knowledge and best practices in place, channel partners can quickly identify some needs of clients before they even get into the details of their situation. Additionally, possessing the latest knowledge on insider threats will position channel partners as experts in the space of information security, because of the continued focus on this leading threat across sectors. Keeping your firm up-to-date will keep you ahead of competition when pitching or engaging clients. This also means following information security journalists, top bloggers, experts and analysts to understand what is currently happening in the space where your firm operates.

Understanding Client Context

When engaging a client, channel partners do not speak to an organization; channel partners speak to people with their own roles and anxieties. These cannot be generalized, or else an effective solution will not be produced for them. Trust is the critical element here. While CIOs have their concerns, it is important to be able to …

… at least ensure the C-Suite is united in a mission to prevent data breaches. This can only happen if channel partners can communicate what a data breach will mean for that executive’s department. Remember: The goal is to win trust of the client. This is done by instilling confidence, not fear, in a sensitive situation, especially if the organization has already been through a data breach.

Beyond the organization’s specific situation, to build trust, clients will want to be certain that their partners and suppliers bring a deep understanding of their industry. This is why it is important to keep up to date on what insider threats mean for the different verticals that you’re servicing as a channel partner. Ensure that the data you’re basing your analysis on is accurate and that you’re able to develop deeper insights than the CIO can. It will be important to speak to their latent security needs rather than the easy wins. Security is a very serious issue that requires someone who can help with process change management throughout an organization. This requires confidence and buy-in from the C-Suite, paired with the language needed to communicate the process change to middle management and education for the whole organization.

Beyond Compliance: Client Education

Unfortunately, compliance is often the motivator for getting the private sector to change processes. However, compliance is produced in a reactionary process and often is behind in best practice by a few years. An example of this dynamic is when the Department of Defense, in 2016, set new requirements for contractors that specifically addressed insider threats. The problem is that what they required was out of date and seen by information security experts as not being strong enough to prevent another massive data breach like the one that instigated the changes. Relying on regulation will not produce a secure environment for either the public sector or the private sector.

No client is an island. As an industry, there must be expert information security organizations, such as yours, taking proactive steps and providing insider threat education to client industries. Providing education cannot be done if your own team is not up to date on the latest best practices and vulnerabilities. Education can be used for two reasons at once: for the betterment of the whole community and for positioning. Client organizations need to understand the risks of not proactively detecting threats; if you’re the firm that makes them aware of that risk, you’ll reap the reward of helping them defend against it.

In the information-security space, the keys to booting revenues and creating new business opportunities are education and trust. Ensuring that your firm is up to date on the latest vulnerabilities and best practices ensures that you can share that knowledge with the industries you engage with. This helps to build trust and confidence in a space where it is increasingly harder to find.

Isaac Kohen is the founder and CEO of Teramind, an employee monitoring and insider threat prevention platform that detects, records and prevents malicious user behavior. Isaac can be reached at [email protected].