By Dhruv Khanna, CEO, Data Resolve
With continuous data transmission, cyber threats are encountered in various forms with Insider Attacks being the most sophisticated attack of them all.
Insiders are one of the class threat actors often overlookedas they play a combination of characters accounting for the access as a result of their status in the business, to leverage the same to fulfil their goals.
An insider can be either careless or malicious in nature. Careless insiders are the ones who unintentionally commit a cybercrime resulting into potential consequences for their organisations including industry sanctions, lawsuits, brand damage or/and the loss of consumer confidence; while malicious insiders are the ones who intentionally make use of their powers in order to obtain sensitive and crucial information of the organisation.
As per the recent reports from the industry, insider threat has been identified as the most pertaining cyber threat to the businesses:
• Amongst all breaches, 77% of threat attacks are posed due to Insiders & Privilege Misuse : 2016 Verizon Report
Learning: Privileged insiders are the most dangerous threats for your business
• Current employees were the biggest cause of security incidents surpassing hackers, contractors, and organized crime: 2015 Price Water Coopers Report
Learning: Insider Threats are increasingly causing damage to company reputation & loss of business
• 89% of global respondents (800 senior managers and IT professionals) believed that their companies were at risk from the insider threat: 2015 Vormetric report
Learning: Each organization must have Insider Threat Management tool in place to detect & mitigate risk
With insiders holding the critical information and data, mitigating the associated threat requires a holistic approach as a whole. An organization shall adopt to “Educate and Enable the employees with ITM”.
• Educate – Share the facts with your employees to build awareness. The holders of the key to the treasure of data, shall be made aware of the routes via which the data could be leaked and the possible harm it can lead to both the organization and the individual. Sharing of such market facets can help to build an urge to adopt an “Insider Threat Management” tool in the system.
• Enable employees with ITM – A soft campaign can help to promote transparency at all the levels.
• Make users aware: encourage every employee to make good sensitive data handling decisions and follow published data protection policies.
• Get them engaged: encourage users with a campaign – Defenders at work. Motivate to support the organization by integrating the moto in e-mail signatures, at desk, etc. and engage managers to recognize the good behavior by publishing a quarterly/annually Defenders at Work Leaderboard.
• Reward good behavior: Offer modest prizes once key data protection milestones are met.
But we also know that monitoring, protecting and controlling of Insider Threats cannot be done by naked eyes. It may be difficult to identify change in Employees Behavior without having set baselines of “genuine” behavior. There might be some activities that may seem out of place or uncharacteristic soliciting attention. Such activities such as increased use of removable media, increased printing habits, excessive browsing activities and social media surfing, working outside normal customary work times, or increased remote log-ins can be the types of indicators that warrant closer inspection and requires adoption of anappropriate solution in place to forecast the possible vulnerabilities.
With employees support and technological adoption, the journey from no cyber security framework to a completely “Insider Threat Managed organization” can be made smooth for organisations of all sizes.