“The foundation of a counter-insider threat program needs to start with recognizing there is a person at the other end,” says Keith Lowry, former Chief of Staff to the Deputy Under Secretary of Defense for Human Intelligence, Counterintelligence and Security at the Pentagon in this article on ZDNet:
Fighting the person should be cybersecurity best practice
When it comes to tackling an insider threat, Keith Lowry, senior vice president at Nuix, has said that organisations need to focus on the person, rather than attempting to block them with more technology.
One major mistake organisations and governments are making in protecting their systems is neglecting the importance of focusing on the person at the end of the attack, according to Keith Lowry, senior vice president at Sydney-based intelligence, analytics, and cybersecurity software firm Nuix.
The 25-year cyber-veteran said that the majority of all insider threat programs he has been privy to begin with the foundation of technology, and that in reality, the foundation of a counter-insider threat program needs to start with recognizing there is a person at the other end.
“It’s about people using technology — it’s not about technology by itself — and too many people focus on the fact that it’s all technology and therefore the answer to it must be a piece of technology,” Lowry said.
“If you build the foundation from that premise, I believe that’s why we’re not doing very well.”
When it comes to tackling cybersecurity, Lowry said organisations worldwide are struggling, confused why the amount of money they are spending is not resulting in them winning the battle against the bad guys. . . . (read the rest)