Why Insiders Are the Biggest Threats to Your Sensitive Data

Profile image for superv3k900
August 16, 2017 | Views: 2290

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

By Stephen Voorhees, CISSP, Veriato

 

The latest breach from an NSA contractor should remind everyone of a grim truism about leaks: the greatest threats to an organization come not from the outside, but from those within.

 

Fact is, insiders pose a greater risk to your cyber security than the sum of all outside pernicious actors. It’s not that insiders necessarily have malicious intent. It’s that they may have system authentication privileges, as well as access to a variety of valuable digital assets—from your strategic plan and control systems to lists of customers and various accounts. That makes your precious data vulnerable.

 

The producer of your web content is potentially a bigger danger than a cyber criminal operating half a world away. Why? That insider, whose job entails uploading content to the site for the eyes only of certain executives, say—or of time sensitive material—can release it early or to other parties with potentially disastrous consequences to an organization’s reputation or finances. Someone in payroll or human resources, with access to employee social security numbers and other personal data, can easily exploit this information for gain. The same is true for those who have privileged access to your IT systems.

 

Let’s take a closer look at why insiders pose such a significant threat. According to a recent survey conducted nationwide:

 

  • 70% of those whose jobs entail special access to sensitive data think they are “empowered” by their employer to look at anything on the system, even if it’s not critical or relevant to their work.
  • 66% look at “confident or private” data just out of curiosity.
  • 58% of organizations “are unnecessarily granting” access privileges to employees that don’t require them.

 

Moreover, such insiders are often the point of entry for malware and ransomware:

 

  • 48% of phishing ploys from outsiders target insiders with system access.
  • 46% of malicious intrusions deliberately hit such insiders in order to get access to their privileged credentials.

 

Insiders need not be motivated by revenge, profit, or disgruntlement to pose a threat. These individuals may be as trustworthy and loyal as anyone in the organization. But they’re still high-risk employees because of their privileged access to sensitive data. They may exercise that privilege to examine information out of simple curiosity—and expose their authentication credentials to imposters with nefarious intent. Attackers can threaten them or their families into giving up that access. Sheer negligence by those who have privileged access causes 68% of all insider incidents.

 

So how do you protect your company’s cyber assets from the very employees your organization relies on? Considering that insider threats cost organizations, on average, $4.3 million a year, what’s the best investment when it comes to prevention?

 

Many organizations rely on data loss prevention tools that aim to prevent attacks from the outside. While some of these software programs are robust, they don’t address threats from within and, overall, have even in the best circumstances a 10% return on investment.

 

Compulsory training for employees in cyber security is another popular gambit. Because its deployment costs are lower than data loss prevention technology, its ROI is better. But survey reports suggest that training lowers the overall costs of insider incidents by just 7%.

 

No system is completely fail-safe. But user behavior analytics can lower the cost of insider threats by 26%. How? By establishing a baseline of normal activity for at-risk employees—and detecting and alerting the right authorities when someone’s use of system credentials deviates from those norms. Once an alert kicks in, a company can actively track the activities of insiders and move quickly if any infractions occur. Read the Monitoring High Risk Positions whitepaper to learn more.

 

Stephen Voorhees is a CISSP and Senior Sales Engineer at Veriato, which provides user and entity behavior analytics and user activity monitoring software.

Share and Earn Cybytes
FacebookTwitterGoogle+LinkedInEmail
Save
+1
29
0
Use Cybytes and
Tip the Author!
Join
Share and Earn
Cybytes
FacebookTwitterGoogle+LinkedInEmail
Ready to share your knowledge and expertise?
Be the Best at Whatever You Do.
We Have the Tools to Get You There.
Visit the NEW Marketplace of Over 500 Skill Enhancement Tools.
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 

Cybrary|0P3N

DUHK: The Technique That Got the VPN Compromised
Views: 1282 / December 10, 2017
What is Docker? [Series]
Views: 2098 / December 9, 2017
Wanna-Cry Ransomware
Views: 2085 / December 9, 2017
The Abyssal Depth of the Deep Web
Views: 2060 / December 8, 2017
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel