If you treat insider threats in cyber security as a category of their own (rather than dismissing everything as human error), you can address the different types of human error. No matter how you look at it, companies can no longer afford to suffer such high volumes of insider threats every year.
3 Types of Insider Threats in Cyber Security
When you read about high-profile data breaches in the news, it’s likely that they were carried out by outside attackers. However, attackers are moving from their brute-force past to a future of threats with more finesse, taking advantage of security holes created by your own employees.
When you think about how these insiders create such dangerous vulnerabilities, there are 3 main types of threats to be concerned with:
- Accidental: According to Verizon’s 2016 Data Breach Incident Report, accidents accounted for 30% of security incidents in 2015. In this case, your employees might just not be educated enough on cyber security best practices. Whether insiders open a phishing email or click on a malicious link, attackers are just waiting for your employees to slip up.
- Negligent: These are the insider threats where your employees try to avoid the policies you’ve put in place to protect endpoints and valuable data. For example, if you have strict policies for external file sharing, employees might try to share work on public cloud applications so they can work at home. There’s no ill will in these acts, but they can open you up to dangerous threats nonetheless.
- Malicious: This type of insider threat is often overlooked because you’d rather look at malicious intent from third-party actors. However, there are times when people within your organization are motivated by financial gain or espionage to make you vulnerable. For example, a disgruntled employee who was recently terminated might extract sensitive data on his/her way out and either sell it or release it publicly.
It’s difficult to find concrete data regarding accidental or negligent insider threats because they don’t often result in a security catastrophe. Sure, there are instances in which an accidental vulnerability leads to an attacker’s gain, but attacks have become such an inevitability that even small incidents can be overlooked at times.
Negligent and accidental insider threats can often be mitigated by more effective and accessible security policies that also avoid being too invasive for employees. Malicious insider threats, on the other hand, are a rising challenge that companies must be prepared to overcome.
Are Your Employees Being Recruited by Cyber Criminals?
The dark web market for stolen credit card and personally identifiable information (PII) is massive, with some estimates claiming it’s worth around $120 billion. While the values of different types of data vary, the fact remains that cyber criminals stand to see financial windfalls if they can capture sensitive information.
One way cyber criminals are starting to collect sensitive data is to recruit employees and turn them into malicious insider threats. A recent McAfee report specifically cites the healthcare industry as one that is plagued by this kind of insider threat.
Unlike accidental and negligent insider threats that could be mitigated by, for example, more diligent patching practices, these malicious insider threats must be monitored more carefully.
So how do you actually protect your company from malicious insider threats? According to Verizon’s 2016 DBIR, it’s all about relentless monitoring of employee daily activity (especially if they have privileged accounts) and understanding where your sensitive data resides.