The Insider Threat and Why We Need Human Risk AssessmentsHuman Factor Expert on Building the Right Culture, Aligning With Business Goals
Human Factor Security expert Robin Lennon Bylenga advised that in building an internal threat management program, it is imperative to not send mixed messages to the broader workforce.
The insider threat can encompass many things, she said, and only a small number of them are malicious in nature.
She advised organizations to approach an internal threat management program as more of a "management training program to look for different kinds of behaviors and vulnerabilities," she said. "You would never have a business without having a risk assessment. The same thing is critical for the human. So, a human risk assessment: Where can we be vulnerable?"
In this video interview with Information Security Media Group, Lennon Bylenga discussed:
- What has changed about the insider threat in the post-pandemic world;
- The dichotomy between creating a positive security culture and establishing an internal threat management program;
- Errors organizations make when establishing and implementing an internal threat management program.
Lennon Bylenga is an industry-recognized human factors and internal threat management specialist who frequently speaks and writes on the art and science of understanding human factors within information security. She is an expert in assessing and mitigating human factors and related risk and has adapted the Human Factors Analysis Classification System to cybersecurity. As a thought leader, she provides in-depth direction and guidance on a significant blind spot in cybersecurity - the human element. She is passionate about building a positive and proactive security culture and creating behavioral change by teaching secure behavior on personal and professional levels.