Insider Risk, Productivity

Insider Threat Detection Software to Increase Employee Productivity

By Dr. Christine Izuakor

Insider Threat Technology Can Help Increase Employee Productivity

A few years ago, a news story about a man who was being paid six figures to watch cat videos went viral. Unfortunately, his company didn’t realize that this is what they were paying him to do all day. How did this happen? The employee, whom we’ll refer to as “John,” worked for a company in the US and was getting paid six figures as a developer. He was producing excellent quality code and exceeding expectations in his role – until one day, the security team noticed a VPN connection under John’s login credentials coming from China, while John was sitting in his office in the US.

Initially, this may have looked like malicious activity from an outside attacker. After further investigation on various factors regarding John’s online activity, the security team found that John had outsourced his job to a developer in China. He was paying the Chinese developer less than one-fifth of his salary, sharing his credentials and network access, and giving any resource data needed to complete the job. Since his work was done for him, he had plenty of time to spend his days disengaged from work and watching precious cat videos on Youtube.

The resulting security risks and likely breach of an employment agreement are just the surface of concerns that arise from this story. Unfortunately, this happens regularly and acts as a stark reminder of the broad range of Insider Threats that span well beyond malicious intent. In Johns’ eyes, he was simply finding a creative way to get his job done, or in this case, avoid doing it depending on how you view it. Nevertheless, Insider Threat detection solutions can help companies detect and address this kind of situation.

Here’s a look at how costly disengagement can be and how technology can help thwart one of the most overlooked Insider Threats to companies: the unproductively disengaged employee.

Disengaged employees waste up to 605 billion dollars annually in the U.S.

Imagine that for every 100 employees you’ve hired, 70 of them are underperforming and disconnected from their work like John. No need to imagine too hard as this is the reality for most companies. Gallup reported that in 2018, almost 70 percent of employees were disengaged at work. Furthermore, it’s estimated that those employees can cost the company up to 34 percent of their pay, for a whopping estimated total of $483 – $605 billion lost per year.

Being able to identify these individuals is the first step in increasing productivity and insider threat detection tools can help. For example, let’s say John comes into the office at 9 am every morning and leaves at 5 pm. It appears he’s locked in his office all day working hard, but the logs and tool usage data behind the scenes paint a different picture. Through monitoring solutions, you may find that while locked away in that office, he’s spent 60% of his time on YouTube, answering personal emails, and planning his next vacation. A mere 40% of his time goes to work. Monitoring solutions become even more relevant in remote workforce environments where employees aren’t physically seen.

Disengaged employees increase cyber security risk.

A large percentage of security incidents and breaches are human error related and often stem from the actions of careless employees. These disengaged employees are more likely to send confidential emails to mistyped contacts, click on phishing emails, share passwords, and more. Each of these seemingly minor human errors can lead to massive breaches. The more careless your workforce is, the more successful these popular attacks are. Insider Threat solutions can be used to effectively evaluate the behavior of employees, create risk profiles, and evaluate employees holistically to highlight indicators of disengagement and risk.

The earlier this can be detected the better. With this insight organizations can proactively work to understand and potentially change the behavior before the threat becomes a real problem. Education and awareness is also a key best practice in reducing human-related incidents. Knowing who the disengaged employees are can help organizations delivered targeted training and communications to align with those individual needs.

Insider threat detection technology can alleviate current challenges.

User and Entity Behavior Analytics technology can empower organizations to consider a comprehensive view of employee activity, notice trends and take action. There are standard indicators of disengagement such as personal challenges, HR issues, irregular work hours, notable shifts in habit, and more. When this context is intelligently paired with actual logged activities, such as unusual login times or locations, as seen in John’s case, trends can be noticed that alert the organization of potential Insider Threat situations. Employees that are deemed credible threats can be more closely monitored for suspicious activity on their computers or the network. This can include but is not limited to reviews of search history, data exporting, copying of data or even playback of activities during specific time frames of concern.

Empowering employees to be engaged and productive is a two-way street. The organization can gain insight into ways to improve.

When a disengaged employee is identified and monitored, it doesn’t always mean that they have malicious intentions or should be fired immediately. Employee engagement and the inherent productivity that results is a two-way street. It’s up to the company to create a culture and environment where employees are empowered to be engaged and productive. Provide employees with the necessary tools to get their jobs done and benefits to promote mental and physical health. Also, ensure employees have a safe space to report issues they are noticing or changes in the behavior of their colleagues. If you are noticing common disengagement trends across certain working groups or areas of the business, you may have a more significant morale issue on your hands and Insider Threat technology can shed light on that.

Similarly, this technology can be used to identify areas where teams are overwhelmed with work versus areas where people have excess idle time which can contribute to better headcount and workforce growth planning.

Conclusion

Disengaged employees are a simultaneous threat to productivity and cyber security in organizations. It’s important to know who is engaged and who is disengaged in the company to address the threat. Insider threat technology benefits span well beyond the detection of malicious insiders and can help companies understand and shift their employee engagement and productivity postures.

Insider Risk – How Prepared Are You?

Insider Risk – How Prepared Are You?

Not every company is equally prepared to deal with insider risk. This report outlines the four stages of insider risk maturity and explores how to improve your insider risk preparedness.

About the author

Dr. Christine Izuakor
Dr. Izuakor is the Senior Manager of Global Security Strategy and Awareness at United Airlines where she plays a critical part in embedding cyber security in United’s culture. She is an adjunct professor of cyber security at Robert Morris University, and independently helps corporations solve a diverse range of strategic cybersecurity challenges.

Insider Risk & Employee Monitoring Resources

Smart Year-End IT Investments- A Trifecta for ROI

Smart Year-End IT Investments- A Trifecta for ROI

Drive Productivity, Reduce Insider Risk, Enforce Compliance As the year wraps up, many IT, security, compliance, and HR teams have unspent budgets that won't roll over. Rather than scrambling for last-minute, low-value purchases, why not make smart, strategic...

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Is IAM, SIEM, and DLP Enough to Combat Insider Risk?

Key Takeaways: Closing the Gaps in Traditional Security Tools: IAM, SIEM, and DLP are vital but insufficient in addressing insider risks. They focus on access control, event logs, and data protection without understanding the behavioral context that signals insider...