It may come as a surprise to some that there is a high likelihood that a business will be hacked by someone from within their own organisation. The insider threat must be considered if a company is to be as secure as it can possibly be.
According to a report recently released by Intel, 43% of all data breaches experienced by companies are found to be the result of internal actors. The Intel report also showed that 68% of data breaches, were large enough to make the affected organisation publicly declare the breach.
That is a large amount of potential risk inside an organisation. Many business leaders do not consider the insider threat as much as they should do. Disgruntled employees and hostile insiders are a huge potential risk.
The most infamous example of an insider threat is the case of Edward Snowden, an American computer professional who, whilst working as a contractor for the National Security Agency (NSA) leaked classified information from the National Security Agency (NSA) in 2013.
Reducing the Threat
Discovering an insider threat is very difficult for most businesses due to the fact that a data breach is only discovered after it has already occurred. Employers also need to give employees a level of trust in order for a business to operate effectively, but there are a few ways to mitigate the risks posed by the insider threat.
PGI Cyber believes that people are arguably one of the weakest and easiest links to break in any client’s infrastructure. The social media information outburst, the blurred lines between corporate and home devices and often the lack of policy and procedures around the actions employees are allowed to take, all combine to create the opportunity for critical data cracks, which attackers are just one step away of utilising to penetrate a system.
Aside from keeping your staff happy by treating them and paying them well, a business also needs to keep a watchful eye on changes in their employees’ personal situations. By regularly communicating with employees a business’s leadership can assess whether an employee could pose a risk.
Ensure that the business has a solid foundation of fundamentals in place. How can you check for insider threats if you don’t have security measures already in place?
These fundamentals will allow the detection of any unusual behaviour and protect against hostile actors from accessing sensitive data. If an employee is signing into the system from random/strange locations they can be detected and then assessed to see if they have been compromised.
Another sign of an insider threat would be when a user tries to access data they are not authorized to access, or if a user accesses a much larger quantity of data than would normally be expected. There are many potential red flags that could be triggered, and investing the time to think through them can protect a business.
In essence, tackling insider cyber threats requires investment in education of staff at all levels.
Don’t become a target, invest in protection and seek the advice of the professionals such as those at PGI Cyber.