Experts: thwarting insider threats takes a holistic approach.

• Position: Homeland Security News

* Insider threats, whether they are foreign spies, disgruntled employees or embezzlers, can't be stopped with software alone, experts at a cyber security summit recently warned. The last step a company trying to protect its intellectual property should take is installing new computer programs.

"Look at the impact that the Snowdens and the Mannings have," said Michael Madon, vice president and general manager of RedOwl Analytics. "Part of the challenge we have--[as] the leadership--is to inform and create a holistic program." An insider threat is one that comes from within an organization--perpetrated by a person with access to information such as company data and security practices. There are several categories. There are foreign agents out to steal secrets. There are workers leaving for a new job that abscond with valuable data or are angry enough at management to vandalize systems. Some are simply greedy and engage in embezzlement.

While outside hackers make all the headlines, they only comprise 40 percent of data breaches, said Mike Crouse, director of insider threat strategy at Raytheon Cyber Products. The remaining 60 percent are insiders.

But software is not a cure-all, he added. Firewalls and detection systems don't fix everything without a solid foundational program for preventing, exposing and handling threats.

"We're not advocating you go out and spend money. It's not that I want you to go out and buy all these new technologies," Crouse said.

It could be as simple as using data that is already there, he added.

Panelists said buying software should be the last step in a multi-faceted approach to targeting insider threats.

Privileged users, those who have been granted exclusive access to data within a company, are a major concern for organizations. Those given that status should be monitored closely because they have "exceptional access to the data," said Larry Knutsen of the Laconia Group, a national security consulting service.

Daniel Velez, director of insider threat programs at Raytheon Cyber Products, said that there is an unsettling lack of concern toward insider threats among organizations and their leadership.

According to a Raytheon chart, "Building a Modern Insider Threat Program," 51 percent of employees feel it's acceptable to take corporate data because their companies don't strictly enforce policies, and 37 percent have shared data without permission from their employers.

Because leaders often focus on perimeter safety...