February 8

Cybersecurity concern: Insiders

Tuesday, February 9, 2016 is Safer Internet Day (SID). It’s an awareness campaign that originated in the UK to promote safer and more responsible use of online technology and mobile phones, especially among children and young people across the world. SID is now celebrated in more than 100 countries!

Threats to the security and safety of your data are all around. As the Internet of Things (IoT) expands and more pieces of technology become interconnected, cybersecurity risks become more and more prevalent in society. Many people are familiar with the most common Internet dangers, such as Phishing scams, stolen passwords, browser vulnerability, and hackers. However, there’s another, more duplicitous danger at work.

Even children recognize stranger danger, but studies suggest that people we know are a likelier danger. The same applies to the Internet. In recent years, Insider Threats have become a huge Cybersecurity concern.

What is an Insider Threat?

An Insider Threat is a person, often a direct employee or private contractor, who exploits “legitimate access to an organization’s cyber assets for unauthorized or malicious purposes” or creates vulnerabilities to the organization.

According to the Harvard Business Review, “Insiders can do much more serious harm […] because they have much easier access to systems and a much greater window of opportunity.” When interviewed, 62 percent of Cybersecurity professionals said insider threat instances have increased in the past 12 months.

Who can be an Insider Threat?

Insiders have many advantages over random cyber criminals and hackers. They know their organization intimately; the internal processes, procedures, and protocol. They have access to login credentials, passwords, trade secrets, sensitive data, and personal information about employees and clients. Moreover, it is easier for these individuals to avoid detection because they are a trusted colleague, a private contractor, a third-party vendor, or a privileged user.

Why do Insiders attack?

Because Insiders are affiliated with their own company in some way, they are driven by a wider spectrum of motivations. First, information is power…and money. Companies are often sitting on a treasure trove of sensitive, valuable information. The individual may be looking to make a buck, or supplement his or her income. Second, maybe business became personal and their actions were driven by anger, humiliation, competition, or revenge. Third, companies have their own internal politics, driven by loyalty, tenure, or position – the Insider may be looking for an underhanded way to gain the upper hand.

This is the primary difference between Insider Threats and unaffiliated cybercriminals; the former has a multitude of motivations, many of which are personal.

How do I protect myself or my organization?

Now that Insider Threats are more widely recognized as a growing Cybersecurity problem, regardless of business industry, organizations are taking steps to protect themselves. Fortunately, the CERT Division of the Software Engineering Institute has developed a comprehensive list of best practices and an incident response plan for Insider Threats.

We’ve talked before about data security and being aware of the risks of sharing data online, protecting yourself and your business against data theft and of course data loss. Considering the repercussions if data is compromised and falls into the wrong hands both inside or outside an organization, if it is not stored, protected or destroyed properly is definitely something to think twice about.

Play your part for a better Internet!

Category: business

Tags: , , , , , ,


Commenting is closed for this article.