Cybersecurity and the Insider Threat

27 May 2016


As external and technical cyber defences improve, the role of an insider in any cyber-attack is becoming more important. A number of recently released surveys show that more than half of all people seeking to defraud a company are already on the inside.

Malicious Intentions

Insider threats come in two forms. The first is a malicious threat, where an employee, former employee, contractor or associate deliberately brings harm to an organisation. Insiders have privileges that external attackers do not: they already have access to the networks and can compromise sensitive data all too easily. This risk can also increase where organisations have replaced dedicated resources with contractors, third-party support personnel or cloud-based IT services, as those who administer services will be beyond both the control and visibility of the organisation.

Accidents do happen

The other form of the insider threat is accidental: an employee may inadvertently open a malicious email that then spreads malware throughout the organisation’s computer systems.

People remain the weakest and easiest links to break in any organisation’s infrastructure. The social media information outburst, the blurred lines between corporate and home devices and the lack of clarity around the actions employees are allowed to take all combine to create the opportunity for attackers.

How to Defend Against the Threat

The IT and Security infrastructure of many organisations is based on a design that is 5 or 10 years old, meaning that it was created long before the introduction of Cloud and mobile IT within the workplace. The introduction of mobile technology means that the number of access points into a business’s network is now significantly higher than it was previously, giving an insider more opportunities to cause mischief.

Implementing Privileged Access Management (PAM) or Identity and Access Management (IAM) systems can also reduce the risks: with effective system monitoring in place, you will be able to detect when an employee tries to access areas in a system that they shouldn’t.

Ensure that your organisation has a solid foundation of fundamentals in place. How can you check for insider threats if you don’t have security measures already in place?

These fundamentals will allow the detection of any unusual behaviour and prevent hostile actors from accessing sensitive data. If an employee is signing into the system from unusual locations, this can be detected and then assessed to see if they have been compromised.
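
The two monitoring checks described above (access to areas a user should not reach, and sign-ins from unusual locations) can be sketched as follows. This is an added example, not code from PGI; the log format, user names, entitlement table and baseline size are all assumptions made for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample log (not real data): timestamp,user,country,resource
SAMPLE_LOG = """\
2016-05-02T08:55:00,asmith,GB,crm
2016-05-03T09:01:00,asmith,GB,email
2016-05-04T08:47:00,asmith,GB,crm
2016-05-02T09:10:00,bjones,GB,payroll
2016-05-03T09:12:00,bjones,GB,email
2016-05-04T09:05:00,bjones,GB,payroll
2016-05-05T03:14:00,asmith,RO,crm
2016-05-05T03:20:00,asmith,RO,payroll
2016-05-05T10:30:00,bjones,GB,crm
"""

# Hypothetical entitlements: the resources each user's role permits.
ENTITLEMENTS = {"asmith": {"crm", "email"}, "bjones": {"email", "payroll"}}


def detect(log_text, entitlements, baseline_events=3):
    """Return (timestamp, user, reason) alerts for events that need review."""
    known_countries = defaultdict(set)  # user -> countries seen during baseline
    events_seen = defaultdict(int)      # user -> number of events processed
    alerts = []
    for ts, user, country, resource in csv.reader(io.StringIO(log_text)):
        if events_seen[user] < baseline_events:
            # Learning phase: the first few events define "normal" locations.
            known_countries[user].add(country)
        elif country not in known_countries[user]:
            # Not learned automatically: an analyst decides if it is legitimate.
            alerts.append((ts, user, f"sign-in from unfamiliar location {country}"))
        events_seen[user] += 1
        # Least-privilege check: unknown users are entitled to nothing.
        if resource not in entitlements.get(user, set()):
            alerts.append((ts, user, f"access outside entitlement: {resource}"))
    return alerts


if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG, ENTITLEMENTS):
        print(*alert, sep="  ")
```

Each alert is a prompt for assessment rather than proof of compromise: travel or a role change will also trigger it.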

Aside from keeping your staff happy by treating them and paying them well, a business also needs to keep a watchful eye on changes in its employees’ personal situations. By regularly communicating with employees, a business’s leadership can assess whether an employee could pose a risk. In short, getting the organisation’s culture and basics right is key to reducing the threat.

By training staff and raising awareness of the basics, such as how to create strong passwords, implementing effective security measures and putting in place an effective risk management scheme, you can greatly reduce the insider threat.

©2017 PGI - Protection Group International Ltd. All rights reserved.