Possibly one of the most underrated catalysts for a cyberattack is the insider threat. Take a look at some recent statistics:
- An April 2022 article by Identity Management Institute stated that 65-70% of all security incidents arise from insider threats to system and data security.
- According to IBM Security Intelligence, 40% of insider incidents involve an employee with privileged access to company assets.
Many companies do not account for the damage that an insider threat could do. An insider threat can be anyone with access to an organization’s network, like employees, contractors, business associates, or friends. Insider threats are the biggest contributors to cyberattacks, especially in the last couple of years.
22% of all folders were available to every employee. (Varonis)
What is an insider threat?
An insider threat is anyone who has special access to the organization and can possibly use that access to attack or help hackers target the company. There are a few different types of insider threats to be aware of: malicious insiders, inside agents, emotional employees, reckless employees, and third-party users. Each one of these types of insider threats all could have access to an organization in some way and can use it to their advantage.
Insider threat attacks have only been growing in the past years and experts predict that number to skyrocket as more businesses switch to remote work. The increasing mix of remote, hybrid, and on-site employees means that companies must be extra vigilant about managing network access and permissions. Even the most loyal employees who retire or leave on good terms should no longer have access to company files or systems after their last day. In addition, it is important to ensure that dissatisfied or disgruntled employees—whether they are still there, or were recently laid off—cannot use their access in retaliation against the company.
“The overall cost of insider threats is rapidly rising. There is a 31% increase from $8.76 million in 2018 to $11.45 million in 2020”. (Cost of Insider Threats Global Report)
Although cybersecurity has become a loaded concept, it’s important to make cybersecurity a priority. Good online hygiene should be part of any organization’s onboarding or off boarding process, but if it not, then take it upon yourself to exercise best practices to keep your company safe.
Some basic precautions include performing regular software updates and enabling MFAs. You can also contact Ostra to explore how a cybersecurity assessment can reveal what vulnerabilities you may have, and how you can stay ahead of threats.
How can companies best protect their data from insider threats? While it is tempting to succumb to either apathy or paranoia, neither of these extremes are the right approach. Rather, awareness that leads to action is the goal. You can read more about this approach in Ostra’s blog about data privacy.
How to protect against insider threats?
- Update and maintain the user access/privileges list and be aware of which employees have access and to what—especially as you are onboarding new employees or removing access from departing employees.
- Ensure sensitive/confidential information is not accessible by anyone who does not need it.
- Educate employees on insider threats and how they can help defend against a possible attack.
- Implement a cybersecurity program that can defend immediately against any lurking vulnerabilities.
Ostra Cybersecurity provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.
Editor’s note: This post was originally published 8/26/20. It has been updated with new information and insight.