Security threats can come from anywhere, but most of them tend to occur from the inside. You may not think it, but the biggest threats could be your very own employees.
Most businesses tend to focus on internet-based attacks rather than on all the various forms of attack. Insiders can cause more damage to a business than an internet-based attack. What tends to be forgotten is that employees have access to the business's valuable data, and they can choose to abuse the information they have access to without being detected.
The challenge of insider threats
One question that should be asked is: how attractive is your business to a malicious insider?
25% of security incidents in a business are due to insider threats, and it is very normal for these types of threats to go unnoticed for years. It is hard to detect whether an employee who works with sensitive data is doing something malicious with it.
Insider threats are more often than not overlooked because they come from a trusted source. It is common for businesses to make the mistake of giving their employees more access to data than they actually need.
However, some insiders don't mean to put you at risk; it could be human error that causes the data to become lost or stolen. It has been proven that employees who use their personal devices for work are often the people who put their company at risk the most.
Alongside the use of personal devices for work, social media has become a culprit for insider threats. Social media allows all sorts of information to be leaked from companies, often without their knowledge.
"40% of companies claim the frequency of security incidents has increased dramatically over the last year"
Who are the insider threats?
When it comes to insider threats, there have been three specific types of users responsible for threats to a business. The three groups you need to look out for are:
- Third Parties: These could be anyone from a remote employee to business parties; the list is endless. These people will more than likely have access to your database and other forms of data.
- Privileged Users: These are the ones to look out for. These types of users tend to have higher authority in the business and access to a lot of data that will be more valuable.
- Terminated Employees: When some employees leave a business, they might take valuable data along with them. This could be anything from contacts to investors. Once they have left, if their work accounts have not been shut down, they can still access the company's database and other forms of data as they wish.
Cause of growth
Many organisations do not adequately deprovision their end users when they move from one role to another, or even when the employee leaves the company. Employees can go unnoticed by security systems because they have knowledge of, and access to, proprietary systems.
Social engineering has been exploiting weaknesses in humans for many years. It can take many forms, whether it's through social media, email or over the phone; all of them are extremely effective and fool many people daily.
If a disgruntled employee wanted to conduct an internal social engineering attack against the business, it would not take much time or effort, because as a former or current employee they have access to a lot of private data.
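The deprovisioning gap described above can be checked by comparing an HR export against the accounts that are still enabled. The following is an added example, not part of the original article; the record layout, user names, group names and the audit_accounts function are all assumptions made for illustration.

```python
from datetime import date

# Constructed sample data: an HR export, a role-to-group baseline, and a directory dump.
HR = {
    "alice": {"status": "active", "role": "finance", "end_date": None},  # moved roles
    "bob": {"status": "terminated", "role": "sales", "end_date": date(2024, 3, 1)},
    "carol": {"status": "active", "role": "support", "end_date": None},
}
ROLE_GROUPS = {"finance": {"ledger"}, "sales": {"crm"}, "support": {"helpdesk"}}
ACCOUNTS = [
    {"user": "alice", "enabled": True, "groups": {"ledger", "prod-db"}, "last_login": date(2024, 4, 2)},
    {"user": "bob", "enabled": True, "groups": {"crm"}, "last_login": date(2024, 3, 9)},
    {"user": "carol", "enabled": True, "groups": {"helpdesk"}, "last_login": date(2024, 4, 1)},
    {"user": "vendor-x", "enabled": True, "groups": {"crm"}, "last_login": date(2024, 2, 1)},
    {"user": "dave", "enabled": False, "groups": {"crm"}, "last_login": date(2023, 12, 1)},
]

def audit_accounts(hr, role_groups, accounts):
    """Return (user, finding, detail) tuples for enabled accounts that need review."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # disabled accounts cannot be used to log in
        user, person = acct["user"], hr.get(acct["user"])
        if person is None:
            # No HR record: a third party or an orphaned account with no owner on file.
            findings.append((user, "no-hr-record", sorted(acct["groups"])))
        elif person["status"] == "terminated":
            # Leaver whose account was never shut down; note any use after the end date.
            used = acct["last_login"] > person["end_date"]
            findings.append((user, "terminated-still-enabled", "used after exit" if used else "unused"))
        else:
            # Mover or over-provisioned user: groups beyond the current role's baseline.
            extra = acct["groups"] - role_groups.get(person["role"], set())
            if extra:
                findings.append((user, "excess-access", sorted(extra)))
    return findings

if __name__ == "__main__":
    for finding in audit_accounts(HR, ROLE_GROUPS, ACCOUNTS):
        print(finding)
```

Run on a schedule, a check like this surfaces leavers, movers and unowned third-party accounts before they go unnoticed for years.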