Eric Trexler, vice president of global government and critical infrastructure at Forcepoint, wrote in a Fifth Domain opinion piece published Tuesday that the defense industrial base should implement a human-centric monitoring approach to protect controlled unclassified information from cyber threats.
“Human-centric security is the point of contact between humans and data,“ Trexler wrote. “It uses a step-by-step process that includes individual behavior analysis and risk scoring to ensure the data that is available and valuable is also protected when it is most vulnerable.“
He said human-centric monitoring starts with the “establishment of a baseline user behavior pattern where employees are individually monitored as they go about their daily work.“
Trexler said detecting anomalous behavior or unusual patterns should trigger a warning.
“In this case, an automated flag should be raised, and the user should be investigated or automatically locked out of the network, not for being intentionally malicious, but likely for a compromised user account,“ he noted.
When it comes to implementing a risk scoring system, organizations should assign higher risk scores to users who are “closer“ to sensitive information, he said.