As the persistence of insider threats remain a critical issue for government agencies to face. Security leaders like McAfee have responded by prioritizing solutions that can mitigate insider threats in their pipeline. Government agencies have begun implementing policy changes that can help reduce the risk of an insider threat that can lead to critical data loss. Still as a recent report shows, there’s work to be done.
The report, which was released by GAO this month, finds that even DoD, which has an overall superior security posture to some of the other agencies, still needs to do more to protect itself against insider threats. The report finds that while some DoD divisions have implemented effective training for insider threat risks, other areas have not. Furthermore, the report found that no agency-wide solution to unauthorized data disclosures yet exists.
So what can agencies like DoD do to close the gaps that remain? McAfee solutions like McAfee Data Loss Prevention (DLP), implemented in a DoD enterprise environment, may hold the key. DLP enforces per-user policy on access to sensitive data and allows IP protection and data encryption/decryption to be centrally managed from McAfee endpoint management solution – ePO. Combined with a Next-Generation Firewall that can identify and detect discrete data packets entering or exiting a network, DLP has the potential to completely shut out any insider threat, even in an organization as large as DoD.
Insider threat isn’t purely a technology or policy problem, and will require a solution with elements of both. We commend GAO for their comprehensive report on this very serious issue. But this report has also paved a way toward solutions that may help agencies reduce this critical threat someday soon. The report is a vital read for any technology or security practitioner in government
To read the full report, click here.