Managing insider threats in government suppliers
Government suppliers handle sensitive data that makes them prime targets for insider threats. Frameworks like the Cybersecurity Maturity Model Certification provide guidelines for consistent security practices among government suppliers. However, threats frequently slip through the cracks, and MSPs can help their government supplier clients navigate this landscape by ensuring they have the right protocols and tools in place, says Scott Barlow at Sophos.
The rise of insider threats is a pressing cybersecurity issue for government suppliers. These threats stem from an organisation’s own employees and subcontractors who misuse sensitive and classified information. But since their access to this information is often authorised, insider threats are particularly difficult to detect. Even well-meaning employees can pose serious risks, whether through the unintentional misuse of Generative AI tools like ChatGPT or security gaps created by Internet of Things (IoT) devices.
Frameworks like the Cybersecurity Maturity Model Certification provide guidelines for consistent security practices among government suppliers. However, threats frequently slip through the cracks. MSPs can help their government supplier clients navigate this landscape by ensuring they have the right protocols and tools in place.
Government suppliers handle sensitive data that makes them prime targets for insider threats. That said, not all threats are malicious.
For example, an HR manager might feed an employee’s personal contact information into a Generative AI tool like ChatGPT or Microsoft Copilot to draft an email, unaware that this sensitive data could be exposed.
Scott Barlow, Chief Evangelist, Global Head of MSP, Sophos
While the intention may be harmless, such actions can lead to serious breaches of confidential data that place both the supplier and its government clients at risk.
It is also difficult to differentiate between legitimate activity and harmful behaviour in the moment. Routine actions like file transfers may seem innocuous but could signal misuse, or vice versa.
For example, an employee could download classified contract data to complete an authorised task. Or they could use that same data to gain an unfair advantage in bidding on future government contracts, benefiting either themselves or a competing firm.
No matter how thorough and compliant your vetting process is, it is impossible to gauge an employee’s reliability and trustworthiness from a job interview. While vetting is crucial, it cannot eliminate the inherent risks of insider threats.
Additionally, the growing use of IoT devices, for example smart sensors to monitor critical infrastructure, increases the complexity of insider threat monitoring. These often unmanaged devices generate large volumes of data and network activity. This makes it difficult to distinguish between routine operations and potential risks.
Businesses must flag all unusual behaviour, regardless of intent. But while thorough monitoring is necessary, it often
www.intelligenttechchannels.com