It may come as a surprise to some that there is a high likelihood that a business will be hacked by someone from within their own organisation. The insider threat must be considered if a company is to be as secure as it can possibly be.
According to a report recently released by Intel, 43% of all data breaches experienced by companies are found to be the result of internal actors. The Intel report also showed that 68% of data breaches, were large enough to make the affected organisation publicly declare the breach.
That is a large amount of potential risk inside an organisation. Many business leaders do not consider the insider threat as much as they should do. Disgruntled employees and hostile insiders are a huge potential risk.
The most infamous example of an insider threat is the case of Edward Snowden, an American computer professional who, whilst working as a contractor for the National Security Agency (NSA) leaked classified information from the National Security Agency (NSA) in 2013.
Reducing the Threat
Discovering an insider threat is very difficult for most businesses due to the fact that a data breach is only discovered after it has already occurred. Employers also need to give employees a level of trust in order for a business to operate effectively, but there are a few ways to mitigate the risks posed by the insider threat.
PGI Cyber believes that people are arguably one of the weakest and easiest links to break in any client’s infrastructure. The social media information outburst, the blurred lines between corporate and home devices and often the lack of policy and procedures around the actions employees are allowed to take, all combine to create the opportunity for critical data cracks, which attackers are just one step away of utilising to penetrate a system.
Aside from keeping your staff happy by treating them and paying them well, a business also needs to keep a watchful eye on changes in their employees’ personal situations. By regularly communicating with employees a business’s leadership can assess whether an employee could pose a risk.
Ensure that the business has a solid foundation of fundamentals in place. How can you check for insider threats if you don’t have security measures already in place?
These fundamentals will allow the detection of any unusual behaviour and protect against hostile actors from accessing sensitive data. If an employee is signing into the system from random/strange locations they can be detected and then assessed to see if they have been compromised.
Another sign of an insider threat would be when a user tries to access data they are not authorized to access, or if a user accesses a much larger quantity of data than would normally be expected. There are many potential red flags that could be triggered, and investing the time to think through them can protect a business.
In essence, tackling insider cyber threats requires investment in education of staff at all levels.
Don’t become a target, invest in protection and seek the advice of the professionals such as those at PGI Cyber.
Your free Global Geopolitical Dashboard
PGI’s Risk Portal tool provides daily intelligence feeds, country threat assessments and analytical insights, enabling clients to track, understand and navigate geopolitical threats.
The Risk Portal gives users up-to-date information and analysis on global affairs.
The Risk Portal allows users to visualise information in a unique and instantly understandable way. Mapping filters enable the visualisation of incidents by threat category, time period, perpetrator and target type.
Risk Portal users can upgrade their accounts to include the Report Builder and Country Profile Generator features. The Report Builder allows users to select information, data and images from the Risk Portal and create bespoke reports and emails.
Subscribers to PGI’s Bespoke services receive tailored analysis on specific sectors and geographies of interest, delivered at a frequency they determine.
Subscribe to our Cyber Bytes Newsletter
Keep yourself in the loop with PGI by signing up to our Weekly Cyber Bytes email. You will receive updates, tips and narrative around what has been happening in the world of information security.