Spoiler alert: sometimes, the most dangerous threats reside inside your company walls. But who’s in charge of mitigating these insider threats? Second spoiler: for most it’s unclear. Security professionals have long debated which department should oversee an organization’s Insider Risk Management program, a recent article from CSO says. Some argue that HR or legal should own it since these departments can swiftly access private data. IT ownership would place a special emphasis on cybersecurity, while the physical security team would focus primarily on physical facility protection.
So, it begs the question: should everyone have a piece? Our vote is yes. A converged approach to cyber-physical security breaks down the silos across IT, OT, HR and physical security, fostering greater efficiency and visibility across the entire enterprise. That means increased productivity, stronger security — and fewer insider threats.