The term ‘insider threat’ invokes images of malicious employees lurking in the shadows of an office attempting to steal company secrets or bring down the system. The reality however is that the real threat, and biggest risk to confidential data, is the negligent employee.
At the recent Gartner Security and Risk Management Summit 2016, held in the Unites States, it was announced that 50% of companies surveyed had acknowledged an insider threat incident. And because of the complexity of identifying insider threats, that number is probably much higher.
Presenters Avivah Litan, with guest speaker Rich Malewicz, categorised Insider Threats in three ways:
. Pawns – people who end up victims of spearfishing, ransomware and malware accidentally
. Collaborators – those who are actively collaborating to defraud or steal data for financial or personal gain
. Lone Wolf – someone who is working on their own to defraud or steal data for financial or personal gain.
For the cyber security professional it is increasingly essential to implement an Insider Threat program, using the foundations of educate, deter, detect and investigate, in order to protect the business.
And, whilst many people think about Firewalls and other deterrents to keep an outside threat from accessing systems with an ‘Insider’ most vulnerabilities that exist can’t be removed because, of course, you need your employees to be productive and, in order for them to be so, they need access and special permissions to perform their jobs.
Colin Tankard, Managing Director of data security company, Digital Pathways comments: “Insider Threats can be caught by creating simple rules and storylines, making sure employees are not bypassing security policies.
And whilst the best strategy for limiting this type of threat is creating and implementing an employee education process, continual screening, especially for trusted insiders with high privileges, and even recording of users sessions, is strongly recommended”.