The Insider Threat
We tend to think of cyber threats as coming from an anonymous or state-sponsored criminal, hundreds or thousand of miles away behind a computer screen. However, current and former employees who have intimate and valuable knowledge about a company are also capable of committing cyber crimes.
An insider threat occurs when a current or former employee, contractor, or business partner who has or had authorized access to an organization's network, system, or data, intentionally misuses that access in a manner to commit a cyber crime.
Some facts about insider threats:
28% of electronic crime events were known to be caused by insider threats.
46% of the most costly cyber crime events were a result of an insider threat.
34% of insider threat cases were targeted towards collecting personally identifiable information (PII).
Here are some best practices to help mitigate this type of threat:
Incorporate insider threat awareness into periodic cyber security training for all employees.
Implement strict password and account management policies and practices.
Define explicit security agreements for any cloud services, especially access restrictions and monitoring capabilities.
Ensure that sensitive information is available to only those who require access to it.
Use a log correlation engine or security information and event management (SIEM) system to log, monitor, and audit employee actions.
Develop a formal insider threat mitigation program.
Here are some things to look out for that could pose an insider threat to you:
Someone who remotely accesses the network while on vacation, when sick, or at odd times during the day.
Works odd hours without authorization.
Unnecessarily copies material, especially if it is proprietary or classified.
Expresses interest in matters outside the scope of their duties.
Shows signs of drug or alcohol abuse, financial difficulties, gambling, illegal activities, poor mental health, or hostile behavior.
Insider threats are as harmful to your business and data as external threats. Both are cyber crimes!