Page 56 - Cyber Defense eMagazine January 2024
P. 56

Addressing Bias in Insider Risk Monitoring


            By Chris Denbigh-White,  Chief Security Officer, Next



            Preventing  the  loss  of  sensitive  information  can  be  difficult  for  organizations.  Enterprises  often  take
            similar steps to protect data from internal and outside threats, where teams analyze activities to identify
            potential  risks.  Security  operations  centers  (SOCs)  defending  against  these  threats  must  look  at
            employees, partners, and threat actors through a similar lens to pinpoint potential data leaks. However,
            when surveilling for insider threats, there is the added concern of potential bias.



            Defining Monitoring Bias

            Monitoring bias is the unfounded, often discriminatory observation of specific employees or departments
            irrespective of their conduct. This can generate unsupported,  negative conclusions about the credibility
            and trust an organization should have about an employee or department, resulting in intrusive monitoring.
            Conversely, it can lead to data leaks if biases prevent other employees from being adequately monitored.

            Monitoring  bias  affects  how  businesses  analyze  insider  risks,  resulting  in  errors  that  can  prevent
            identifying potential threats. This type of discrimination comes in many forms:

               1.  Unequal Monitoring: Monitoring specific members of your organization without holding others to
                   the same  standard  can  result  in low visibility  of  vulnerabilities  that, when  spotted,  can  prevent
                   insider threats.







            Cyber Defense eMagazine – January 2024 Edition                                                                                                                                                                                                          56
            Copyright © 2024, Cyber Defense Magazine. All rights reserved worldwide.
   51   52   53   54   55   56   57   58   59   60   61