Not Preemptive

While you can never know 100 percent when an insider attack is coming, the panel agreed that a common mistake is neglecting some measures that can be taken to be proactive. Moderator Dawn Cappelli, director of insider risk management at Rockwell Automation, suggested getting HR teams to actively notify the insider threat team when an employee has announced their departure, especially when they are leaving for a competitor. That will help insider threat teams know when to launch an audit in case that employee plans on taking private corporate information with them, she said. Geoff Hancock, chief of cyber security at the Advanced Cyber Group – Empower Solutions, suggested also reaching out to marketing and sales teams to get in the loop with major upcoming product launches that might be ripe for internal threats.