Microsoft Insider Risk Management and new improvements for a complicated data landscape.

Microsoft Insider Risk Management helps organizations quickly identify and mitigate insider risks. Microsoft Purview Insider Risk Management is built with privacy by design. It empowers security teams to better understand what relevant data activities are the riskiest within their organization, create policies, and then investigate and mitigate these risks. Insider Risk Management is enhancing analytics with easy one-step policy creation. Now, admins can easily click “Create Policy” and use default thresholds to create a new insider risk policy.

Analytics assessment results will also now be included in the Insider Risk Management overview page. Insider Risk Management can now leverage the same trainable classifiers that are available in Microsoft Purview Information Protection. Sites classified as risky could include those hosting malware, hacking and other content organizations may consider unacceptable. These triggers will surface security alerts for a user visiting one of these sites. Insider Risk Management workbook within Microsoft Sentinel now includes updated content and an enhanced user interface.

Updated Microsoft Purview Insider Risk Management solution makes it easier for SOC teams to find and investigate potential insider risks. Added capabilities include recommended data connectors and user-based Entity Search.

Check out the latest in our new blog, here:

Microsoft works with other top security companies to deal with the problem of insider risk. Microsoft is also lowering insider vulnerabilities through collaborations and knowledge sharing. Microsoft is a Founding Research Sponsor of MITRE Engenuity’s Center for Threat-Informed Defense, which created an insider threat database. Here’s the Center’s release.

This resource is aimed to enable insider threat programs and security operation centers (SOCs) “identify, mitigate, and replicate insider actions on IT systems” and avoid dangerous or detrimental behaviors. These resources contain a TTP Knowledge Base and Design Principles and Methodology report.

In the past 18 months, we’ve witnessed high-profile insider risk instances across industries, from data theft to code of conduct violations. Recent examples include the theft of COVID-19 vaccination documents and workplace harassment.

PwC and Microsoft advocate for an enterprise-wide approach to insider risk by identifying possible threats and tailoring technology safeguards. Download the PwC and Microsoft whitepaper Building an effective insider risk management program to learn more.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s