The prevention of sensitive information loss is a challenging task for organizations, as they often encounter difficulties in protecting data from both internal and external threats. In order to defend against these threats, security operations centers (SOCs) must analyze the activities of employees, partners, and potential threat actors. However, when it comes to surveilling for insider threats, there is an added concern regarding potential bias.
Monitoring bias is the unfounded and often discriminatory observation of specific employees or departments, regardless of their conduct. This can lead to unsupported negative conclusions about how much credibility and trust an organization should place in an employee or department, resulting in intrusive monitoring. Moreover, monitoring bias can also affect how businesses analyze insider risks, resulting in errors that can prevent them from identifying potential threats.
This type of discrimination can take many forms, including unequal monitoring, selective attention, attribution bias, group identity bias, and confirmation bias. These biases can inadvertently cause security teams to fail to see risky activities from other employees, partners, or threat actors. The Intelligence and National Security Alliance has found that unfounded monitoring of individuals due to biases can lead to increased risk, wasted resources, legal liability, and reputational damage.
Legacy Data Loss Prevention and Insider Risk Management solutions do not effectively address monitoring bias. These older solutions often rely only on keystroke logging, screen recording, or web monitoring of individual users, losing sight of the bigger picture and promoting bias.
It is best practice to reduce bias when monitoring employees by using technology that anonymizes employees while monitoring activities involving sensitive data. This allows security teams to detect risks without the interference of bias, providing a holistic view of organizational activities that helps detect threats and reduce monitoring bias.
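One way to implement the anonymized monitoring described above, as an added example that is not from the original article or any vendor's product. It assumes a keyed HMAC pseudonym replaces identity fields before analysts see events; the event fields, threshold, and key handling are hypothetical.

```python
import hashlib
import hmac
from collections import defaultdict

# Assumption: this key is held by a separate function (e.g. HR/legal), not by SOC analysts.
PSEUDONYM_KEY = b"constructed-demo-key"
IDENTITY_FIELDS = ("user", "dept")   # stripped before analysis
THRESHOLD_BYTES = 1_000_000          # hypothetical policy threshold

# Constructed sample events, not real data.
EVENTS = [
    {"user": "alice", "dept": "finance", "action": "upload", "sensitive": True, "bytes": 900_000},
    {"user": "alice", "dept": "finance", "action": "upload", "sensitive": True, "bytes": 700_000},
    {"user": "bob", "dept": "engineering", "action": "upload", "sensitive": False, "bytes": 5_000_000},
    {"user": "carol", "dept": "sales", "action": "print", "sensitive": True, "bytes": 20_000},
]

def pseudonym(user, key=PSEUDONYM_KEY):
    """Stable keyed pseudonym: same user maps to the same subject ID."""
    digest = hmac.new(key, user.encode(), hashlib.sha256).hexdigest()
    return "subj-" + digest[:16]

def anonymize(event, key=PSEUDONYM_KEY):
    """Drop identity fields and attach the pseudonym instead."""
    out = {k: v for k, v in event.items() if k not in IDENTITY_FIELDS}
    out["subject"] = pseudonym(event["user"], key)
    return out

def flag_subjects(events, threshold=THRESHOLD_BYTES):
    """Flag on sensitive-data activity only; the same rule applies to every subject."""
    totals = defaultdict(int)
    for e in events:
        if e["sensitive"]:
            totals[e["subject"]] += e["bytes"]
    return sorted(s for s, total in totals.items() if total >= threshold)

def reidentify(subject, known_users, key=PSEUDONYM_KEY):
    """Key-holder step: resolve a flagged subject back to a user after review."""
    for user in known_users:
        if hmac.compare_digest(pseudonym(user, key), subject):
            return user
    return None

if __name__ == "__main__":
    anonymized = [anonymize(e) for e in EVENTS]
    for subject in flag_subjects(anonymized):
        print(subject, "->", reidentify(subject, ["alice", "bob", "carol"]))
```
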
Chris Denbigh-White is the Chief Security Officer for Next, with over 14 years of experience in the cybersecurity space. With his expertise, he emphasizes the importance of eliminating bias in monitoring to improve data protection and maintain an impartial management program that employees can trust.
In conclusion, addressing monitoring bias is crucial for organizations to effectively prevent the loss of sensitive information. By employing technology that allows for anonymized monitoring and by being aware of the different forms of monitoring bias, enterprises can take steps to mitigate potential risks and maintain a secure environment for their sensitive data.
