Addressing Bias in Insider Risk Monitoring
            By Chris Denbigh-White, Chief Security Officer, Next





            Preventing  the  loss  of  sensitive  information  can  be  difficult  for  organizations.  Enterprises  often  take
            similar steps to protect data from internal and outside threats, where teams analyze activities to identify
            potential  risks.  Security  operations  centers  (SOCs)  defending  against  these  threats  must  look  at
            employees, partners, and threat actors through a similar lens to pinpoint potential data leaks. However,
            when surveilling for insider threats, there is the added concern of potential bias.



            Defining Monitoring Bias


            Monitoring bias is the unfounded, often discriminatory observation of specific employees or departments
            irrespective of their conduct. This can generate unsupported, negative conclusions about the credibility
            and trust an organization should have about an employee or department, resulting in intrusive monitoring.
            Conversely, it can lead to data leaks if biases prevent other employees from being adequately monitored.









            Cyber Defense eMagazine – December 2023 Edition                                                                                                                                                                                                          73
            Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.