Cybersecurity and the Insider Threat

27 May 2016

As external and technical cyber defences improve, the role of an insider in any cyber-attack is becoming more important. A number of recently released surveys show that more than half of all people seeking to defraud a company are already on the inside.

Malicious Intentions

Insider threats come in two forms. The first is a malicious threat, where an employee, former employee, contractor or associate deliberately brings harm to an organisation. Insiders have special privileges that external attackers do not: they already have access to the networks and can compromise sensitive data all too easily. This risk can also increase where organisations have replaced dedicated resources with contractors, third-party support personnel or cloud-based IT services, as those who administer services will be beyond both the control and visibility of the organisation.

Accidents do happen

The other form of the insider threat is accidental; an employee may inadvertently open a malicious email that then spreads malware throughout the organisation’s computer systems.

People remain the weakest and easiest links to break in any organisation’s infrastructure. The social media information outburst, the blurred lines between corporate and home devices, and the lack of clarity around the actions employees are allowed to take all combine to create opportunities for attackers.

How to Defend Against the Threat

The IT and Security infrastructure of many organisations is based on a design that is 5 or 10 years old, meaning that it was created long before the introduction of Cloud and mobile IT within the workplace. The introduction of mobile technology means that the number of access points into a business’s network is now significantly higher than it was previously, giving an insider more opportunities to cause mischief.

Implementing Privileged Access Management (PAM) or Identity and Access Management (IAM) systems can also reduce the risks: with effective system monitoring in place, you will be able to detect when an employee tries to access areas in a system that they shouldn’t.

Ensure that your organisation has a solid foundation of fundamentals in place. How can you check for insider threats if you don’t have security measures already in place?

These fundamentals will allow the detection of any unusual behaviour and prevent hostile actors from accessing sensitive data. If an employee is signing into the system from random or strange locations, the sign-ins can be detected and then assessed to see whether the employee has been compromised.

Aside from keeping your staff happy by treating them and paying them well, a business also needs to keep a watchful eye on changes in its employees’ personal situations. By regularly communicating with employees, a business’s leadership can assess whether an employee could pose a risk. In short, getting the organisation’s culture and basics right is key to reducing the threat.

By training staff and raising awareness of the basics, such as how to create strong passwords, implementing effective security measures, and putting in place an effective risk management scheme, you can greatly reduce the insider threat.

©2017 PGI - Protection Group International Ltd. All rights reserved.