How Dangerous are Insider Threats?

When it comes to cyber security, most firms are concerned about outside threats like hackers, phishing scams, and data breaches. There is, however, another kind of threat to an organization’s data security: insider threats, people who belong to an organization or who have security access who compromise sensitive data or internal systems.

Just how dangerous are insider threats? According to recent studies, insider threats present a greater danger than all external threats. In other words, if your organization’s security measures only focus on threats coming from the outside, it’s ignoring the points at which your systems are the most vulnerable.1

According to the companies polled for a recent study, 40% expect to suffer a data breach within 12 months as the result of employee behavior. Also, according to a survey by a security software vendor, 45% of respondents said they had been targeted by an insider threat within the past year. 29% of those organizations reported losing data as a result.2

One of the reasons that insider threats are so dangerous is that they can be very hard to detect. When outsiders attempt to gain access to a secure system, they almost always leave signs of their presence. However, because employees and contractors have been granted access, it is hard to determine when they are using permissions properly, or for malicious purposes.

Insider threats can be motivated by several factors, including:

• Greed or financial need

• Anger with the business or organization

• Blackmail

• Divided loyalty between the organization and another party

• Thrill-seeking behavior

• A belief that they are above the rules

• Personal problems leading to reckless decisions

Another factor that can increase the danger of insider threats is how the culture of an organization treats security. If data security is not taken seriously and/or access to sensitive information is given out indiscriminately, it increases the chances that an insider will be able to steal sensitive data or compromise internal systems.

In some cases, insider threats have no malicious intentions at all. Instead, personnel who are not properly trained or who ignore security protocols will make a mistake that leaves an organization’s systems open to attack, or that leaves confidential data where it can be accessed by unauthorized parties.

There are several steps organizations can take to combat insider threats:

• Proper security training

• Encouraging employees to report suspicious behavior

• Adopting security protocols that balance the need for access with the need to keep data safe

• Careful screening of employees and contractors to identify possible threats before they can act

Triumfant is a cyber security firm that specializes in the detection and prevention of advanced persistent threats and other online dangers to organizations’ internal security and data. To learn more, visit www.triumfant.com today.

1. http://www.scmagazine.com/report-insider-threat-more-dangerous-than-external-risks/article/455117/

2. http://www.cio.com/article/3003117/security/government-cios-and-cisos-under-siege-by-insider-threats.html