Although the Insider Threat from trusted vendors and other persons who come in contact with your data has caused the majority of breaches, companies are working harder to defend against ransomware. Good idea. But a stronger electronic defense just pushes the perpetrator toward more insider attacks to get to the valuable data.

The cyber war between nations is not just about stealing PII, PFI, and PHI for profit. For nation states and their privateers, it is about penetrating the critical infrastructure of their opposition: gathering intelligence and having a process in place to sabotage essential functions of a nation, from financial to healthcare to communications. So, when one defensive measure goes up for perimeter defense, the insider threat will occur more often than it did before. Who loses in this exchange between nation states? The businesses in the middle of the cyber war.

During an assessment, it is not uncommon to find several violations of basic NIST cybersecurity rules. One is that the network system admin password is known by every IT Support person who has visited the site in the last several years. Two is that the company does not vet its vendors. Three is that technicians and vendors carry items out of almost every datacenter worldwide without any security checks. Thwarting these three insider risks will help to restrict the Insider Threat.

When IBM was looking worldwide for a compliant vendor before the launch of GDPR, it found ISO- and NIST-certified TechR2. When your company is looking for compliant CSF vendors, TechR2 will be on your list.