Insider Threat Rises for Data Breaches

Data breaches have been a challenge to many businesses over the past twenty years. Cyber criminals have held files for ransom, leaked personally identifiable information (PII) to third parties, and turned millions of dollars’ worth of hardware useless. The threat of being exposed to hackers has always been a fear in the minds of computer users; however, there’s a threat as insidious lurking somewhere much closer to home.

As computing moves toward cloud-based operations and accessibility improves, employees have earned a spot on the list of threats to your company’s network.
In a previous post, we discussed the consequences of unsafe browsing while at work, but the threat posed by insiders isn’t always accidental or due to negligence. Recently terminated employees or those from the past with a grudge could spell trouble for companies if the proper measures aren’t taken.

Negligence vs. malicious intent

One of the most prominent issues concerning insider threats to network security is how accidental threats are treated. It is usually with a noticeable lack of urgency. It’s bad practice not to treat all inside threats as equally dangerous because they can all result in the same kind of damage.

From a February 2015 survey by NDIA
From a February 2015 survey by NDIA

Companies don’t often take every internal threat as seriously as they should, and that’s usually because they don’t utilize strategies or personnel to specifically handle insider threat security and risk assessment. That means only the malicious threats tend to be a priority, and problematic browsing behavior or other accidental damages are simply treated in passing.
Former employees or existing ones with an interest in doing harm to your company’s network or data can do so quite easily given the breadth of access most employees have. Not only can they access sensitive company files stored locally (or in the cloud), but they can also access logins for any site or database your company uses.
Eduard Meelhuysen of Europe-based cloud security firm Netskope offered some sage advice in a recent article regarding the rise of insider threats.

“Wherever possible, organizations should use policy and employee training to coach staff towards safe courses of action and secure cloud apps without affecting productivity. But, surgical visibility and control, as well as robust data analytics, are crucially important as they will help differentiate between employees and bad actors.”

This cements the importance of proper training and personnel when it comes to handling internal threats, because otherwise, it may be impossible to discern whether a data breach was caused by an employee (former or current) acting maliciously or if someone was simply careless with their credentials or wireless access.

Why have insider threats gone up?

The rise in employee-led breaches and security hiccups can be attributed to two factors: the dependency on technology to run a successful business and the shift to newer technologies aimed to make that easier, like the integration of mobile devices and cloud services. Although these technologies have improved the way companies can function, they’ve effectively made themselves larger targets, capable of being hit by hackers in almost any location.
data security services

Are insider threats really that common?

Besides the recent arrest of a former NSA contractor thought to have stolen classified government files, a survey conducted by cloud security company Bitglass showed that 60% of those surveyed believed that “privileged users posed the greatest security risk.” Internal threats definitely outnumber external ones if you combine intentional and accidental insider issues.
Think about it.
Say there’s one hacker trying to target a company with 100 employees. The hacker represents a single threat, whereas the company has as many potential internal threats as it does employees. That’s not to say every employee should be suspected of having malicious intent, but they do rely on training and pre-existing IT security guidance to avoid accidentally exposing the company to outside security dangers. Without the right redundancies, training, and personnel management, insider threats are going to continue being a serious danger to the company’s network.
While data breaches from current or former employees are certainly a growing concern, there’s no reason they should cause you undue stress. With a managed IT services provider, your network will have constant monitoring and assistance to help prevent infiltration from the inside.