CSOs and CISOs face a myriad of security challenges but more recently, the insider threat has taken a stranglehold on the evolving list of top risks to look out.
As security professionals, we spend a lot of time focusing on external threats but the greatest cyber security threat to organisations are no longer the malicious outsider hacking from beyond network firewalls.
According to Accenture and HfS Research, 69 percent of enterprise security executives reported experiencing an attempted theft or corruption of data by insiders during the last 12 months.
The insider threat problem can be broken down into three specific motivations:
1. Personal use: This is perhaps the most obviously and frequently discussed motivation. A sales person decides to leave Company A and takes the customer list and contact information for those customers when they join Company B, a competitor.
2. Financial gain: This is a more sophisticated and deliberate action to steal proprietary or trade secrets from a company they work for and sells, or in some cases gives it to a competitor or foreign government for financial exchange.
3. Sabotage: This is a retaliation for some action or lack of action what wronged the employee perpetrating the act(s) by accessing and changing or sabotaging the organisation’s systems.
But it doesn’t end there. A recent study found that 36 percent of security incidents/breaches come from the actions or inaction of a careless user. These individuals unknowingly do something that corrupts the organisation’s information, compromises a system or systems, or in some cases, allows outsiders to take and hold the data hostage.
Here are our 4 top tips to help reduce the risk of a malicious insider attack:
1. Access management: Use role-based access management for critical applications and systems to limit the ability and resources that malicious insiders can use to do damage.
2. Real-time monitoring: Monitor and block the movement of sensitive data outside the organisation via email, ftp, and via the web.
3. The human firewall: Adopt and embrace user-awareness training to help your team identify a rogue insider and not be afraid to speak up. The more eyes you have on an area of risk, the better.
4. Incident response: Have an incident response plan that involves all business departments – including HR, legal, PR – on how to guard against and respond to malicious activities by insiders.
Given the continued increase in insider incidents, it is as much about communication and collaboration between internal teams to underline clear policies, procedures and training than it is about adopting the right technology. The last line of defence between the malicious insiders and your critical data are your employees, so helping them to identify suspicious activity and have the confidence to report it will go some way in addressing the issue.
Our new anti-phishing solution transforms your employees into a powerful security layer with phishing awareness training that allows users to recognise and report real-world phishing attacks.
To find out more, book a demo or call us on +1 345 946 3673.