The Greatest Corporate Challenge: Insider Threats
Security is one of the most crucial elements to any company. Protecting your sensitive data from theft or unwanted visitors is essential, but only considering outside threats poses a significant flaw: What about security breaches from within the company?
IBM’s X-Force 2016 Cyber Security Intelligence Index notes insider threats caused 60% of cyber-attacks. Insider threats are a growing problem in the corporate world, and unfortunately, they pose great difficulty preparing against them. Such security breaches come in two forms:
- The Oblivious Accomplice
Employees can unintentionally become a part of hacking efforts without realizing their role. In 2013, Target was a victim of a cyber-attack in which roughly 70 million people had their personal data stolen. This attack was a substantial hit to Target and damaged the value of the company. The hackers were not related to the company, but they used the credentials of one of Target’s refrigeration vendors to get inside.Attacks like this are difficult to prevent because no breach occurred as far as the computer systems can comprehend. Through the use of phishing schemes and malware hidden in emails, employees can accidentally reveal information that exposes their credentials and provides the scammers with an undetectable route into the system.
- The Intentional Saboteur
The more malicious contender of the two, this individual has full intent and knowledge of what they are doing and will purposely extract company data, ruin IT systems or any other network structures within their reach. They might be looking just to cause destruction, or sell valuable company secrets or customer data.
The Problems and Solutions to Insider Threats
When such attacks occur, it is difficult to differentiate between an employee purposefully initiating the hack and one conned into participation. Unfortunately, complicating the issue further, security systems are designed to prevent unauthorized access from the outside. If a firewall breach occurs, alarms sound off, but with insider threats, often nothing seems out of place. Legitimate user information and accompanying passwords are used to gain access. Security systems don’t have the capability to recognize the intent of a user on the system provided they enter through valid means.
Larry Bridwell, a global security strategist, has suggested that a significant portion of the problem is the result of carelessness. Bridwell recommends companies do three things for risk assessment of insider hacking.
- Know what their assets are
- Know where they are
- Know who has access to them
Companies often do not understand the worth of their assets and tend to underestimate the risks involved. Such a miscalculation results in a substantial lack of protection due to a misunderstanding in the safeguards necessary. By knowing your company’s assets and their potential value, corresponding security protocols can form.
In addition, knowing specifically where these valuables are on a company system is crucial. Is it on one local drive only accessible by a certain computer or is it on a shared network that anyone can reach with a few clicks? When you know where the assets are and who can access them, you can adjust accordingly to prevent disaster and know who to go to after the attack.
Current securities in place to prevent insider threats employ deep analytics monitoring slight changes in the routines of employees on the individual level to help register if an imposter is using a user’s identity maliciously. Visitor management solutions that track employee check in and check out times, as well as visitor information, can help identify a potential threat if the employee is spending too much time with a “suspicious” visitor, or if they’re entering and exiting the building at odd hours.
Keep Your Company Safe
There are new ways to protect against insider threats emerging daily. When a compromise happens within your system, you want to be the first to know. Even a regulation as simple as stricter password guidelines can be helpful to make it harder to guess a user’s login information. You never want a security threat to come to your company, whether it be from the outside or in. Don’t allow your company to find itself in harm’s way and invest in security today.