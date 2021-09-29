Public and private sector organizations now have a new tool to assist them in assessing their vulnerability to an insider threat due to an insider risk mitigation self assessment tool rolled out by the Cybersecurity and Infrastructure Security Agency (CISA) recently. User of the new tool receive answers to questions to gain feedback they can use to gauge their risk posture, along with information so they can further understand the nature of insider threats so they can take steps to create their own prevention and mitigation programs.
“While security efforts often focus on external threats, often the biggest threat can be found inside the organization,” said CISA Executive Assistant Director for Infrastructure Security David Mussington.“CISA urges all our partners, especially small and medium businesses who may have limited resources, to use this new tool to develop a plan to guard against insider threats. Taking some small steps today can make a big difference in preventing or mitigating the consequences of an insider threat in the future.”
Insider threats can pose serious risk to any organization because of the institutional knowledge and trust placed in the hands of the perpetrator. Insider threats include those that come from current or former employees, contractors, or others with inside knowledge, and the consequences can include compromised sensitive information, damaged organizational reputation, lost revenue, stolen intellectual property, reduced market share, and even physical harm to people.
CISA has a number of tools, training, and information on an array of threats public and private sector organizations face, including insider threats. Information on these resources can be found at CISA.gov.
