Cyber security is a significant concern for most organizations, with cybercrime costing the UK several billion pounds per year.  Indeed, a recent government report showed that 46% of all businesses identified at least one cyber attack in the last year, with 74% of directors regarding cyber security as a high priority issue for them.

This is compounded by data suggesting that a skills shortage is the #1 factor holding back organizations from tackling cyber security more effectively.

Whilst the common perception is that the biggest threat to security at a company is from external actors hacking into your system, the reality is that insiders often pose a much bigger threat.  Recent research from the Universities of Glasgow and Coventry highlighted the employees most likely to pose such a threat.

Many of the behaviors in the four employee types identified by the authors can be worsened by organizational change, with negative behaviors ranging from time-wasting to leaking confidential information to competitors the result.

Risky employees

The four types of employee identified by the research were:

• Omitters – The first type are omitters, who generally behave in a risky manner due to difficulties in self-regulating their behavior.  Their breaches are usually unintentional and can be mitigated via help from others.
• Slippers – The second type are slippers, and they usually have very good behavior but can occasionally slip and commit one-off acts of insecure behavior, whether it’s taking secure documents home with them or being rude to others.
• Retaliators – The third type sees a shift towards more mendacious behavior and sees employees act in response to a perceived slight by their employer.  They respond by committing a small security breach that can nonetheless harm the company. If these employees aren’t challenged, it can easily snowball into more serious offences commited by the final group.
• Serial transgressors – The final group commit a range of counter-productive behaviors that constantly undermines the organization, thus not only resulting in counter-productive behavior themselves, but also in their colleagues.

Cyber security SOS

San Francisco and Austin-based JASK have recently launched the first Autonomous Security Operations Center in the industry to support cyber security staff keep their systems safe and secure.

This special ops service consists of two levels of service, the first of which offers active threat hunting and discovery, whilst the second includes custom and advanced assistance with each response.

The service offered through the program aims to collectivize the knowledge of the JASK community so that solutions are rapidly spread throughout the customer base to ensure their collective security.  Both service levels offer an active threat hunting capability to search for and identify the latest advanced attacks.

There is also 24/7 alerting and triage services to ensure that the right assets and attention are brought to bear on any issue.  Threats are then consolidated into reports to highlight emerging activity.

“I am thrilled with the incredible level of talent we have brought on board, and as far as threat hunting is concerned, the JASK Special Ops team is the most impressive group I’ve come across in my career,” JASK say. “In combination with the context and visibility provided by the ASOC platform, the team is already delivering tremendous value by engaging with our customers to mitigate and more importantly prevent risk.”

Suffice to say, they aren’t the only company attempting to tackle the skills shortage in organizations. London based startup Secure Code Warrior take a gamified approach to the job.

They aim to ensure that developers and IT departments produce secure code that eliminates the kind of poor security practices that make organizations vulnerable to cyber attack.  They’re taking aim at the traditional training offered to developers and have built a gamified platform that gives developers engaging and interactive exercises that not only allow them to learn secure best practice, but by competing against their peers, they believe that it will ensure more sustainable learning.

With cyber security an increasingly important issue, it’s pleasing to see a range of approaches designed to help organizations get better at it.